Top 5 Reasons PHP7.2 is Recommended for WordPress Websites
1. Support for PHP 7.0 and below officially ends in 5 months.
Like any other software, as newer versions are released, support for the older versions gets dropped as more and more people upgrade. Older versions are maintained with security patches for a while (between 1-2 years), to give everyone a chance to upgrade.
This table shows the currently supported versions of PHP, and the dates on which their active support and security support officially end.
As you can see in the table above, versions 5.6 and 7.0 are no longer being actively developed, but are still receiving security support. However, this security support will officially end in December. And when it does, any sites running these older versions will be susceptible to PHP security vulnerabilities, including WordPress sites!
2. Speed!
Benchmark testing shows PHP 7+ can process 2-3x the amount of requests as 5.6
PHP 7.0 removed many outdated functions that were dragging down older versions, making it more efficient than ever before, and 7.2 takes it even further. This new, leaner version of PHP allows your site to load and respond much faster than previous versions. As an example, PHP 7.2 can serve up to 3x as many requests per second and handle more traffic with the same number of resources. It can handle uncached site visits 2-3 TIMES FASTER than PHP 5.5. If you’re interested in more of the nitty gritty details in PHP version comparison, check out this post which compares site performance across the various PHP versions.
What’s more? WordPress versions 4.0 and above are actively optimised to use PHP 7 and above, meaning you get almost twice the performance out of your site a server running PHP 7.2. Of course, media and template-specific factors will still highly influence your site load times, so be sure your whole site is optimized for quick loading!
3. Better Security
PHP 5.x had hundreds of security issues that got patched up over time. If your site is running an earlier version of PHP, some of these vulnerabilities might still be present! And cybercriminals are very aware of these vulnerabilities — they actually look for sites running these earlier versions so they can stage easy attacks. Much of the flak WordPress gets for “being insecure” is due to servers and sites still running unpatched versions of PHP. Check it out: PHP 5.4 hasn’t been updated since 2015 — giving hackers 3 whole years to discover and exploit vulnerabilities that might never be patched on sites running on it.
PHP 7 introduced new security features as well, including stronger hashing and encrypting for storage of sensitive data, and better functionality for identifying content that is potentially dangerous (like malicious code injections).
4. Improved Efficiency in Processing
This leaner, more efficient version of PHP means a significant improvement in how code is processed on the server: up to a 75% reduction in the number of commands issued when performing a single task. This is huge! But what does that mean for YOUR site?
Example of a memory usage error in WordPress
Your server has a set amount of memory available for running PHP on your site. WordPress core, theme, and plugin files all require varying amounts of that memory to run; the more complex the task, the more memory is required. And when they hit that limit of memory on your server — up comes the White Screen of Death with an ugly error message. So in short, upgrading to PHP 7.2 means much less memory is required, allowing more cool stuff to happen on your site.
5. Stricter Development Standards
In the past, PHP has been pretty lax in how developers could use it, culminating in a ton of poor programming practices across the board. Earlier versions of PHP allowed developer to write code with security holes and issues that could slow performance of your site. PHP 7 and above, however, require a higher standard of coding from its developers.
While WordPress has specific requirements for all themes and plugins hosted on WordPress.org, that doesn’t apply to the many paid and commercial plugins that are available out in the wild. Forcing these better programming practices in PHP 7 means higher quality, better performing code from the start.
The PHP Compatibility Checker plugin scans to find incompatible plugins and themes
Is Your WordPress Site Ready for a PHP Upgrade?
I feel like I’ve made the case for PHP 7. Unfortunately, not all themes, plugins (or even hosts) are optimized to use it yet! So how do you know if your site, themes, and plugins will work in PHP 7 and higher? The PHP Compatibility Checker is a great place to start. And testing on a Staging Server is a smart next step.