WordPress has detected that your site is running on an insecure version of PHP

noviembre 29, 2021 Off By diseno.mg
WordPress has detected that your site is running on an insecure version of PHP

Have you received a notice on your WordPress website about an outdated or insecure version of PHP running on your server?

Don’t worry, we’ll help you fix this and explain what PHP is in this blog post.

What is PHP?

PHP is a coding language that is a core component of how WordPress operates. PHP has been used on the web since 1994 and most themes and plugins use PHP to display content and run features of your website. PHP is a fairly safe coding language but over the years they have made improvements, fixed security issues and improved the performance of PHP.

PHP can be used for other applications and an outdated version of PHP is not a problem that WordPress faces alone. Although WordPress is currently the largest content management system actively in use so it gets the most coverage regarding outdated PHP versions.

What versions of PHP are available?

As shown in the above image, depending on when your server & WordPress website was installed you may be using an older version of PHP. Some website hosts will automatically update your PHP version, and as of 2019 most website hosts are making an effort to make sure all servers are using modern versions.

Why update my version of PHP?

Older versions of PHP are considered unsafe and insecure. Using an older version can leave your website vulnerable to being hacked and exploited and this is especially important for ecommerce websites. For older PHP versions, patches are no longer provided and publicly disclosed security flaws are not fixed.

Using an old PHP version is playing a game against the clock. It’s not if your website will be hacked but when. Eventually it will be compromised.

How do I update my PHP version?

Updating your PHP version involves a few different steps and each website requires a little different approach. Here are the steps we follow with our clients:

  1. Make sure you have access to your hosting panel (Cpanel) and your WordPress website.
  2. Do a full backup of your Database and Website files.
  3. Make sure your plugins & themes are fully up to date. Plugins and themes need to support newer versions of PHP and if they haven’t been updated in a few years they may not support newer versions. Updating your PHP version without supported plugins or themes may break your website.
  4. Confirm the plugins & themes have updated.
  5. Login to your Cpanel, or host and locate the section that says “PHP Selector” or “PHP” depending on your setup.
  6. Find your domain (or home directory) and select a newer version of PHP. You want to be using a version of PHP 7.2 or above. Please note: 7.2 will no longer be supported at the end of 2019, but 7.3 may cause problems with some themes and plugins currently.
  7. After selecting the PHP version, press the set button.
  8. Reload your Website and confirm your settings have updated. You should notice the PHP warning in WordPress has now disappeared.

A few notes about updating:

  • Always make sure to contact your Web Developer if you are planning on doing the update yourself. They may have custom functions that need to be updated.
  • Confirm you know how to backup your website & restore it.
  • If you cannot change your PHP version, or a higher PHP version is not available, you must contact your host. You should also consider changing hosts ASAP.