[2022-11-1] Update: As of Shield v17 we’re dropping support for PHP 7.0 and 7.1. In order to run Shield v17, your web hosting will need to run at least PHP 7.2+
Some time ago we made the decision to increase our minimum-supported PHP version from PHP 5.2 to PHP 5.4.
Since that time WordPress themeselves have also increased their minimum PHP version to 5.6, and have already discussed moving towards PHP 7.0.
We’re taking the decision that it’s time to move ShieldPRO to PHP 7.0. This quick post is to give some explanation around this, and also to communicate our time frame and what you can expect.
Why We’re Moving To PHP 7.0
As it stands today, even PHP 7.0 is already an unsupported version. In-fact, any website running PHP less than 7.3 is unsupported!
What does “unsupported” mean exactly?
It means that websites running PHP where the version doesn’t begin with 7.3 or 7.4…
- don’t receive PHP updates or bug fixes.
- don’t receive security patches
(except 7.2, but this also ends in November 2020)
Many websites still run a variant of PHP 5… where 5.6 hasn’t received any fixes since 2017 (except for a few security patches at the end of 2018).
So if you take the security and stability of your WordPress sites seriously, keeping your PHP system up-to-date and patched, should be a priority.
We’re talking about moving to PHP 7.0 which is, as we mentioned, unsupported. The reason we’re not pushing all the way to PHP 7.3 or 7.4 is because we want to strike a balance between forward progress, and compability with as many client sites as possible.
Advantages Of Moving To PHP 7
In much the same way as moving ShieldPRO to PHP 5.4 brought us some massive advantages, there are also huge benefits to moving to PHP 7.0.
Developing a large application like ShieldPRO is a complex and time-consuming job. But it’s a challenge we enjoy and we thrive on.
However, developing code so that it will work on as many versions of PHP as possible adds a layer of complexity that we really don’t enjoy. Not only that, it introduces greater propensity for errors.
We’re careful not to introduce new PHP 7.0-only code into our application as this will break websites running PHP 5. Our development environment is setup so as to catch many of these errors, but regardless, it can and does happen from time to time.
Moving to PHP-7 will free us up in 2 massive areas:
- we’ll be less likely to release code with errors relating to incompatible PHP code; and
- we’ll have the freedom to take advantage of newer code that is only available with PHP 7+ and which itself reduces the likelihood of errors.
When Will We Move To PHP 7.0+?
We’re giving as much advance notice of this move as possible. ShieldPRO 9.x will be the last major release to support PHP 5.
That is, with ShieldPRO 10.0, we’ll no longer support PHP 5.4, 5.5, or 5.6. In order to install/run this version of ShieldPRO, you’ll need to upgrade your PHP hosting.
We don’t have a release date for ShieldPRO 10, but it’ll likely be around 2-3 months after ShieldPRO 9.0, which is due out in late April 2020.
What If Your Site Runs PHP 5?
If you want to continue to run ShieldPRO from v10.0, you’ll need to upgrade your PHP version. All major webhosts, even the terrible ones, should offer the option of moving to PHP 7.0.
Not only will your site benefit from the improved codebase and security that comes with PHP 7.0, you’ll immediately give your WordPress site a huge speed boost.
From the chart above, you see PHP 5.6 lagging far behind on the far-left.
PHP 7.3, in the benchmarks they ran, could handle over 4x as many requests per second as PHP 5.6.
So if you’re spending time optimising this, that, and the other, and running into page caching problems and other issues, you can quickly give your WordPress site a huge performance boost just by upgrading your PHP version.
Question or Comments?
We understand this isn’t a trivial thing to take on board for some clients, which is why we’re trying to give as much advance-notice about this as possible.
If you have any questions or concerns about this, please let us know in the comments below and we’ll do our best to address them and take them on-board.
these guys are on top of it!
I use this plugin on ALL of the 20+ websites I manage for clients. I have had no security breaches or compatibility issues with it in the year+ that I’ve been using it. It takes care of spam, too. Very well. I also use their iControlWP plugin for website management…
One of your essential plugins
There are some plugins that get installed on every new WordPress site I build, and this is definitely one of them. – It protects your site from brute force login attempts – It screens incoming data to prevent hacking attempts – It prevents spam bots submitting comments on your site…
Given how active hackers are on the net this plugin really helps
easy to use and very effective
it takes about half an hour to get acquainted to the plugin’s possibilities and to adjust the settings according to one’s needs. what you get is a very effective tool and a better understanding of basic security measures which shouldn’t be ignored.