How to secure yourself from old PHP versions?


In the easiest case, when you are using an outdated PHP version, you will see "deprecated" messages in logs. A slightly worse case is when you are getting those messages displayed on the front page, or it's blocking parts of website functionality - while it does not sound dangerous, it is information you are giving to a potential attacker for free. And it's not uncommon to observe.

But it can be a bit worse. If data being shown on the front page shows too much, then the attacker does not even need to attack - he just logs in to your admin panel (or applies small modification to forms and then logs in)! And of course. one last scenario is that the website simply stops working.

Hosting providers mostly do not offer help when migrating old scripts to a new PHP version - even though they allow you to change the PHP version. But should you use an older version that lacks security support? The obvious answer is - no.

On updating to a new PHP version you definitely first need to check your website on a separate test server, if your website is compatible. Then you can assess the amount of work needed to bring the full functionality of the website - if any work is needed. Sometimes, if your software was updated accordingly, your website will have no problems when switching to a new PHP version.

But if there are any bugs or usage of deprecated functions, you should check those closely. It's important to fix all "deprecated" notices, because it is information for you, that in the next PHP versions functions will not be present - and the website will simply stop working.

And just a reminder - PHP 5.4 and 5.5 is no longer supported. PHP 5.6 will receive security updates up to 31 Dec 2018 - and will no longer be developed. Even faster - PHP 7.0 - will no longer receive security updates after 3rd December 2018.

So it's a good time to ask a person that takes care of your website if you can update the PHP version - preferably to PHP 7.1 or 7.2. But if you do not have such a person - do not hesitate to reach us via the contact form below. Up to 3rd November, PHP compatibility check is only 100 Euro for the standard website (PHP 5.6, 7.0, 7.1 and 7.2)! After November 3rd prices will go up - so hurry up and contact us via the contact form below.


Let's talk