The web software community behaves differently than embedded or installed software. Tools, solutions, and security issues are always emerging and cannot be ignored.
As a result, all web software needs to be constantly maintained and updated. This brings us to a very old problem in the PHP/WordPress community: the PHP version.
For those who don’t know, PHP is the programming language in which programs such as WordPress, Drupal, Laravel, and others were developed. This language is constantly being developed and has millions of developers and projects all over the world.
Now, the problem is that hosting companies and website owners use old versions of PHP and don’t seem to lift a finger to update their software.
Proposal for a Support Schedule
Until 2020, the WordPress community did not have a clear schedule for supporting old versions of PHP. Each version of WordPress had a minimum version of PHP to run, but changing this minimum version was always a problem.
There are millions of websites running on PHP 5.x versions, which are already very outdated and will soon no longer have security support from the PHP community itself.
WordPress developer Juliette Reinders published an article discussing a roadmap for support for PHP versions by the WordPress project.
The WordPress team proposes the following schedule:
Each version of WordPress will have 5 years of support for one version of PHP and another 4 years of security support.
Under this schedule, each website could remain “untouchable” for 9 years. After that time, the website owner will have to update the code to avoid becoming vulnerable.
The longer you wait, the more expensive it will be
It is important to note that waiting 9 years to migrate will force the website owner to jump to the latest version of WordPress/PHP, and there will be many obstacles in this transition.
Our recommendation is to always migrate with each new version of WordPress. It’s a constant effort, but it will have a much lower cost in the medium term than waiting almost a decade to update your website.
Understanding a little more about versions
I think it’s worth taking a look at the publication history of PHP versions on Wikipedia. There you can see that there is a great effort to publish security updates for PHP. Since it is a popular and common language, it also ends up being a huge target for hackers.
On the PHP Project website you can also follow the effort that goes into creating new versions. They are currently preparing version 8 of PHP. The care and attention are so great that publishing a new major version takes almost 1 year of discussions and testing.
And on the WordPress Project website (not to be confused with the company WordPress.com) you can also follow the release schedule for updates to the WordPress code.
Take care of your website like you take care of your car
Anyone who owns a car knows that it generates constant costs. It would be amazing if you could buy a car and never spend a dime on it again.
But that’s not how it works. In addition to taxes (IPVA, mandatory insurance), you need to fill up the car, change the oil, tires, wipers and do preventive maintenance.
A car generates a very high monthly cost, but everyone already knows and accepts this. So why think differently about a website?
This is a topic for another text, but it’s worth keeping this idea in mind.