First, don’t panic 🙂 We’ll continue to support PHP 5.3 for as long as it’s possible. This means that we’ll drop PHP only if this is a requirement to supporting a future version of PHP or when we can no longer run PHP 5.3 on our test servers.
The former condition seems rather unlikely. Last week I managed to make the backup engine and the application framework run under PHP 5.3, 5.4, 5.5, 5.6 and the beta version of PHP 7.0. This means that the former condition won’t be an issue for 1-3 years.
The latter condition is what worries me the most. Right now we can compile PHP 5.3 to 7 under Ubuntu 14.04 LTS. If a future version of PHP no longer compiles and we have to upgrade our environment the chances are that PHP 5.3 won’t be able to compile, making it impossible for us to test against PHP 5.3. And of course we are bound by the minimum requirements of third party libraries, such as Amazon S3, albeit they seems to be really good at supporting very old PHP versions so far. I am as good a fortune teller as the next guy, but I expect that PHP 5.3 support will have to be dropped in 1-2 years.
Finally, PHP 5.3 is already end of life. It stands to reason that in the next few months a major security vulnerability will be discovered and will be left unpatched, putting our blogs at risk.
This leaves us with the question “what should we do”. If you are running the latest version of WordPress and have updated all of your plugins there is no reason not to upgrade to PHP 5.4 or even PHP 5.5. There is one simple way to test this:
1. Download a local server package such as XAMPP, MAMP or WAMPServer and make sure they are using the same version of PHP as the one you’re planning on upgrading to (e.g. PHP 5.5)
2. Use Akeeba Backup CORE for WordPress to back up your site
3. Restore the backup on the local server
4. Use the local clone of your site and see if anything breaks
5. If something breaks contact the author of the affected plugin and get a fix for the issue. Go back to step 4.
6. Apply all the fixes on your live site and go to step 9. Alternatively proceed to step 7.
7. Use Akeeba Backup CORE for WordPress to back up the local clone of your site
8. Restore the backup on the live site
9. Success!
See, that’s the whole idea behind Akeeba Backup. Instead of wondering “what will happen to my blog if I change this and that” you can now test it on an exact clone of your site. This allows you to experiment freely without screwing up your live blog.
Thank you, actually I may move to another server in 6 months or so, if you’re saying in 1 to 2 years, then there is no problem at all. What got me worried was the “Security” part. Am I running any risk with my current version? Cause I asked my server about that problem, and they a while ago replied they have implemented the php version 5.4.30 too, and if I want to use it, I’ll have to place AddType application/x-httpd-php54 .php in my htaccess file.
At the time of this writing there is no published major security vulnerability in PHP 5.3 to the best of my knowledge. However we’re already 9 months after the end of life of PHP 5.3. Past experience has showed that an EOL version of PHP is risky to use after a year since its end of life.
The best thing you can do is add AddType application/x-httpd-php54 .php to your .htaccess file. If something doesn’t work you can easily remove it, so no big harm is done.
Moreover, PHP 5.4 is substantially faster than PHP 5.3. Search engines love fast sites. All the more reason to upgrade to PHP 5.4 or later!
If I upgrade my site to a newer version of php, will I have to add that?
I mean to add that line of code.
That line tells your server to use PHP 5.4 by default for all .php files. So essentially it upgrades your version of PHP.
Of course if you ask your host to make PHP 5.4 the default; or choose the default PHP version to be 5.4 by any other means such through your hosting control panel; or you move to a server with PHP 5.4 set as the default PHP version then you do NOT need that line. For more information just ask your host.
What I mean is if I migrate to a server with, for example, PHP 5.5, will I have to add that code, or everything will be fine as is?
In this case you should NOT add that to your .htaccess file. For more information please DO ask your host. These .htaccess line are entirely server-specific. Your host has configured the server, therefore your host can tell you what you should or shouldn’t add to your .htaccess file to enable one or another version of PHP. I can’t answer that question properly since I’m not your host.
