The large majority of Magento stores globally are still running on an outdated and unsupported PHP version. If you
are on anything below version 7.2, chances are you are missing out on some performance improvements. However, more
importantly, you are exposing your store to an increased risk of potential exploits.

Why is this important? Why should you update the PHP version? How to do it with as little friction as possible? Read
till the end!

WHERE’S THE PROBLEM? WHY IS PHP VERSION THAT IMPORTANT?

let’s start with what this whole thing is about – the PHP version is essentially the version of the programming
language your website is using.

And it’s simple – new versions get the support and updates, old ones are slowly getting discontinued. The Circle of
Life really. Additionally, performance-wise, newer versions are better, and most of the new programming solutions
are probably going to be built on the latest versions, and lack backward compatibility for outdated ones.

So, if you take the Security and Performance of your website seriously, you must have one of the supported versions of PHP.

PHP SUPPORTED VERSIONS AND TIMELINES

Here is a quick look at the PHP versions and the status of support and security updates available:

• 7.3 and 7.4 – fully supported versions

• 7.2 – under security support until Nov 2020n

• 7.1 – recently discontinued security support (Dec 2019)

• 7.0 – no support since December 2018

• 5.6 and older – no support since December 2018

Full data for this is available on the official PHP website.

WHY ARE SO MANY STORES STILL USING OLDER PHP VERSIONS?

There are many reasons for this, but I’d say that most of these can fall under two categories:

“They don’t see value in spending money on this.”

or

“They weren’t aware this was an issue at all.”

The first one is very common as very few merchants have somewhat of a “security budget” in place. Most of them don’t think about such issues until they don’t see their business is running as usual.

The first one is very common as very few merchants have somewhat of a “security budget” in place. Most of them don’t think about such issues until they don’t see their business is running as usual.

SHOULD I UPGRADE TO MAGENTO 2 AS SOON AS POSSIBLE?

Not mandatorily, there are alternate ways to make your Magento 1 store compatible with newer PHP versions. There are some advantages to migrating to Magento 2, and for some merchants, this can be overkill.

You can stay on Magento 1 and make sure you are running on one of the newer versions of PHP. But, it’s always advisable to keep updated Magento version as Magento 1 support will be ended from June 2020.

HOW CAN I MAKE MY MAGENTO 1 STORE COMPATIBLE WITH PHP 7.2?

There are official patches available for making Magento 1 compatible with PHP 7.2.

I’M USING MAGENTO 2, SO I SHOULD BE OK, RIGHT?

It depends on the version of Magento 2 you are using. It’s not a given that you are automatically on one of the supported PHP versions. Magento 2.3.x versions fully support PHP 7.2 version, so if you are there, you should be safe when it comes to PHP version for now.

This article is to create awareness for Merchants and their solution providers. Running on one of the latest PHP versions is a quick win to improving both the security and performance of an online store.

Security, however, doesn’t start and end with the version of PHP or Magento you are using.

You should always be on the lookout for the official Magento patches that are coming out.

WHAT ARE MY NEXT STEPS?

Running on the supported PHP version will not make miracles happen for your store. But, it can prevent a lot of potentially bad things from happening.

The overall security and performance of any webshop is a much broader topic to cover. However, certain things can definitely help you improve in both areas. And the best part is, they shouldn’t create too much of a burden on ongoing business.

To clarify some things that may create confusion and to give you some action points:

1. If you are running a Magento 1 store on an unsupported PHP version, you should definitely update the PHP version. And do it as soon as possible. This is much more important than updating your Magento 1 store or planning a migration to Magento 2.

2. If you are on Magento 2, make sure you are using one of its latest releases (2.3.x).

3. If you are unsure about Magento 1 and Magento 2 version, before anything, consult us. We can be the one to assist you with the next steps, because we know your website inside out and guide you throughout this process.

If you need assistance with making sure you are using your Magento store in the best way possible, get in touch with us!