Return to Homepage

PHP Updates: What, Why, How?

Posted on:

Sarah Lee Parker

What is PHP?

As discussed in our Under the Hood - Webpage series, you know that a webpage is made of a bunch of files that are assembled into a web page and hosted somewhere on the internet. PHP: Hypertext Processor (it's one of those annoying acronyms that actually refers to itself) is a way for your host to manage, and then create your webpage upon request.

PHP is a critical part of almost 80% of all webpages, and crucial to upgrade and maintain.

As a layer of programming language between requests and the webpage files, it adds extra complexity and value to your pages.  It can provide live information from a variety of sources, using data from different sources to provide a uniquely customised webpage to every person who visits. For example, on a WordPress website, PHP can display the date and time a blog post is published based on the time zone you are in. If you have visited a webpage that gave you localised information such as dates, time, or weather, there's a chance it may have been provided to you using PHP code.


HTML (HyperText Markup Language) is the standard way of providing a static webpage to users, an HTML document is similar to a Word document, or a PDF. This means that any person who visits the webpage will get the same information, no matter their circumstances or settings. When you click on something, the browser interprets the request from the HTML and sends you the next HTML document.

Infographic depicting the process when clicking on a link in a HTML page, where the browser sends the request which delivers another full webpage
HTML Request

When you request a page from a PHP website, you are telling the website host to run a tiny program, which gives you a unique, customised webpage. In the image below, clicking on the link sends the request, which initiates different PHP instructions on the site and completes before presenting you with the webpage.

Infographic of a PHP request where a link is clicked, then the PHP server gathers data from multiple sources and sends the resulting webpage to the browser
PHP Request

As a programming language, PHP is open source and free. Open source means that the code that powers PHP is publicly accessible and open for modification in community-wide, ongoing projects. As with any software, especially one that is constantly being worked on by a community, PHP needs to be maintained to ensure security, efficiency, and integrity is consistently updated. For this reason, PHP is supported for two years from the initial release date, with release dates being towards the end of the year. The graph below shows the current release and support schedule, with PHP version 2.4 entering the phase of Security Fixes only and PHP version 7.3 no longer being supported at all.

Graph of staggered colours as a visual aid to show what versions of PHP expire when. Version 7.3 was supported until 6th December 2020, and security support will end 6th December 2021. Version 7.4 has active support until 28th of November 2021, and security support will finish 28th of November 2022.  Version 8.0 is supported until 26th of November 2022 and security support until 26th November 2023.
Current PHP Version Support Calendar

Why Does PHP need updating

Once new software is released, it's locked down, and updates can only occur in special circumstances. However, bots and people are constantly testing the software, seeing if it can be exploited for data, or used to do other actions that the owner didn't intend. Most people understand security updates due to using Windows operating systems, and PHP is the same. Patches and fixes are released regularly to keep the software secure, and doing what it was intended to do.

Photo of a blue plush elephant with "PHP" written on the side, standing on a laptop looking at website code on the screen
Photo by Ben Griffiths on Unsplash

What happens if you don't update?

Software can also stop working, or run into problems. When this happens, you may need some help which can cost you a lot of time and money. When a version is supported, it means that help is easily accessible and that there are people actively working on issues, problems, and security breaches. When support for a version stops, resolutions, patches and fixes do not get released anymore This is when your site might become a security risk for your customers, or become a target for dubious actions such as sending spam email, or start broadcasting random data in malicious data attacks.

Not keeping the PHP version up to date is like not replacing a rusted security screen. It's leaving you open to security vulnerabilities, and even though it's there, it's easy for someone to get past it, and into your website/house. If your site uses PHP, you or your web host need to be aware that updates are required.

Photo of a paper doll man wearing a blue shirt smiling almost reluctantly at the camera, with PHP code written on the wall behind him
Photo by KOBU Agency on Unsplash

What version should I be using?

If your site is currently using version 7.3, support will end on the 6th of December this year.

If you upgrade to version 7.4, support is provided for two years from the date of release, which ends on the 28th November 2021, and will only receive security fixes until 28 November 2022.

Version 8.0 is supported until 26th November 2022, with an extra year of security fixes after that.

Some web hosts will do this automatically, while some have a quick one-button update option, and others will leave it as an entirely manual process for you to complete. But whatever the update process, make sure you check your website once it's done, because not all software that you're using on your website may be compatible with the new version of PHP.

The great news is, a lot of hosting providers and web developers will do all this as part of a support and maintenance contract, like AimHigher Web. If you're not sure if you are covered for upgrading your PHP version, get in touch and have a chat with us today!

Need Help?

What services are you looking for?