More threads by djbaxter


Jun 28, 2012
Reaction score
57% of WP Sites Become Less Secure in December 2018
by Roger Montti, Search Engine Journal
November 7, 2018

PHP 5.6 and 7.0, the scripting language that underlies 57.1% of all WordPress sites will stop receiving security updates in December 2018. No security patches will be issued for those versions of PHP after that date, making those sites less secure moving forward.
That could mean a loss of traffic and a ranking nightmare for WordPress websites still using those old versions of PHP in the event of a vulnerability.


This graph shows the percentage of sites using PHP 5.6 and 7.0. It is somewhat concerning that more than a third of WordPress sites use 5.6.
  • Security updates for PHP 5.6 is ending on December 31, 2018.
  • Security updates and patches for PHP 7.0 are ending on December 3, 2018.
This table shows when

PHP 5.6 and 7.0 will no longer receive security updates.

How Many WordPress Sites are at Risk?
According to WordPress’ official published statistics, 57.1% of WordPress sites run these outdated versions of PHP.

Why is Security Support Ending?
Security support for each version is scheduled to last a limited amount of years until it reaches what’s known as End of Life (EOL). At this point there will be no more security improvements created for it, even if a vulnerability is discovered.

All websites are required to upgrade to the latest version or risk becoming vulnerable to hacking events.

What if You Fail to Update PHP?
All websites that fail to upgrade to the latest version of PHP will be insecure and vulnerable to hacking events once versions 5.6 and 7.0 enter their End of Life (EOL) period. This means that even if security vulnerabilities are discovered, nobody will make a patch to fix the vulnerabilties in versions of PHP.

Additionally, many plugins, themes and WordPress itself will eventually stop working with these versions of PHP.

If you run a WordPress website, the most prudent action to take is to upgrade to the latest version of PHP.
The only thing it affects for me is a couple of small vBulletin 4 forums that won't run above PHP 7.1. Everything else is already running PHP 7.2, but a lot of people rarely check that sort of thing until there's a problem.

Login / Register

Already a member?   LOG IN
Not a member yet?   REGISTER

LocalU Event

Live Webinar - Local SEO Audits

  Promoted Posts

New advertising option: A review of your product or service posted by a Sterling Sky employee. This will also be shared on the Sterling Sky & LSF Twitter accounts, our Facebook group, LinkedIn, and both newsletters. More...
Top Bottom