blue banner
PHP Update

The Problem With Ignoring Website Maintenance (What We Are Learning From The PHP 8.0 Update)

page title border

PHP is a widely-used open-source scripting language known for its flexibility and simplicity, powering nearly 80% of all websites worldwide. If you’re using WordPress, you’re almost certainly using PHP.

On November 28th, security support for PHP 7.4 will end. This means WordPress websites running themes and plugins dependent on 7.4 will no longer receive security updates and will be considered a security risk.

Like all technology, updates are a fact of life to add new features and improve performance and security. Updates from 7.0 to 7.1, 7.2, 7.3, and 7.4 were no biggie, and website owners likely didn’t even know there was an update.

But the jump to 8.0? Ouch.

This is a major version update. Because 7.4 will be considered a security risk, many hosting providers will force the move to PHP 8 on November 28th (or soon after).

 

Why This Is A Problem

Many sites are still running 7.4 themes and plugins that are not PHP 8 compatible yet. These websites will no longer receive security updates, which opens the door for attackers to gain control over their databases and servers through web shells.

Some of the risks of running outdated PHP versions include:

  • Authentication bypass
  • Command injections
  • Cross-site request forgery (CSRF) attacks
  • Cross-site scripting (XSS) attacks
  • File inclusion attacks
  • PHP object injection
  • Remote code execution
  • Session highjacking
  • SQL injections

A security threat is bad business for any website, but especially for sites that sell products or collect personal information. Even sites that feature a customer login for something basic, like exercise programs, are at risk since 78% of Gen-Z users use the same password for several online accounts.

 

The Importance Of Website Maintenance

Website maintenance is a pain to remember to keep up with. And some businesses put it off because they’re worried about breaking something and being unable to revert to pre-update status.

These are valid concerns. But they’re also solid reasons to trust your website maintenance to a pro.

Old websites that haven’t been updated in months or years will have a very hard time transitioning to PHP 8. Some of them won’t be able to at all. We’re going to see websites being rebuilt from the ground up to be compatible, but that is necessary to provide a secure site to visitors.

Websites that are regularly maintained have/will make the transition without problems. They have addressed and corrected small issues along the way to keep their site current. Sometimes that means ditching a favorite plugin they’ve used for years because support is ending. But that’s simply a part of website maintenance for security and performance — and to ensure you’re prepared when major updates like PHP 8 hit.

 

Why It Pays To Partner With A Pro

PHP 8 should not have come as a surprise if you were paying a professional for website maintenance — whether an internal IT person/department, or whether you outsource to an agency like PixelPeople.

Good web developers and hosting providers always monitor the ‘end of life’ dates and support cycles for products (programming language, devices, operating systems, applications, databases, etc.). They would have been regularly updating your website, and they would have known this major version update was coming down the pipeline so that they could prepare your site for a successful transition.

If you’re ready to get a handle on website maintenance, PixelPeople offers affordable and flexible web hosting and maintenance packages. Some of our website maintenance services include:

  • Installation of available WordPress core, theme, and plugin updates once a week
  • Weekly optimization of your database, so changes won’t slow down your website
  • Daily security scans, to ensure your website is protected
  • Daily backups of your files and your database, in case a breach or crash should occur
  • Scanning for broken links, which can frustrate your users and harm your SEO
  • Uptime monitoring and reporting
  • Google Analytics reporting
  • Reporting on all of the above, delivered to your inbox every week in an easy-to-read PDF

Contact us to learn more or sign up now, and let’s get your site shored up!

Tags: , , ,

Let's Get Started!