Goodbye PHP 5.5

php55Yes, another milestone this weekend as PHP 5.5 reaches the end of its safe operating life on web servers. As of July 9, 2016 it will receive no more security updates. Should you be concerned? Maybe, if you are one of the many web designers and site owners whose server runs on PHP 5.5.

I see into the admin panels of many sites every day, and the majority are still using PHP 5.5 or earlier. I still see some with PHP 5.2, and many with PHP5.3. Such a security risk cannot be worth taking, surely?

Similarly, I see way too many sites using the user name ‘admin’ with a simple password, making the life of the hacker way too easy. Be aware that if you have registered the Ultimatum Toolset with one admin user, you must not delete that user without first resetting the Ultimatum Toolset (in effect de-registering it). The same applies if you wish to change the ID number of the main admin user (iThemes Security does this). An alternative to making a safer main admin user name is to rename the main admin, and there are plugins that help you do this, such as the WPVN – Username Changer plugin (use it but then remove it).

With only PHP 5.6 still being supported from the PHP 5 series, the switch to PHP 7 becomes more pressing. At last, cPanel, the supplier of the control panel software most often used by hosts, have announced that EasyApache 4 will be a stable release (out of beta) for their next version; cPanel 58 (but the easy conversion interface to convert from the current EasyApache 3 to the new 4 has been delayed; your host will have to do this from the command line for now). Also coming soon from them is add-on support for Let’s Encrypt automated, free SSL certification, and some support for NGiNX and PHP-FPM. Happy days for those of you seeking better performance and security without the need for expert server tuning skills.

WordPress › Error

There has been a critical error on this website.

Learn more about troubleshooting WordPress.