Early December marked the new release of PHP 7.2 offering new features, performance benchmarks and the new libsodium extension. This offers a crypto API. Further noteworthy features include improved TLS constants, language changes and oject type hiting support. Compatibility overall is high although WordPress users will need to make sure their plugins theme and core are updated.
Whilst this was a relatively minor update and performance has not improved massively from 7.1, in daily usage there are some improvements. Phoronix who report on benchmarks have noticed a 13% boost on speeds vs. 7.1 and in comparison to previous versions of PHP5.6, huge speed boosts of up to 250%.
PHP 7.2 New Features and Performance
With speed and security at the forefront of webmaster minds, it’s understandable that this has been the focus on the latest release. Libsodium is an application layer for the cryptography library which is used for encryption and hashing. With cyber security a constant threat, it’s critical that the latest standards and methods of encryption and online security are adopted. The recent launch of Argon2 hashing has become widely recommended – the algorithm makes the process of cracking a password incredibly compute intense.
As with all released, there are some depreciated functions which will no longer work. The full list can be found on PHP.net, but are also outlined below:
- Unquoted strings
- __autoload() method
PHP 7.2 for WordPress
Surprisingly over 40% of WordPress users are still running PHP5.6 which is concerning as there are many vulnerabilities within it which have since been patched in later versions. It’s also 250% slower than running the latest PHP7 which will not be benefiting website visitors, hosting data centres or ultimately the environment as it’s not as efficient. There are a number of potential reasons for this, most likely because WordPress is aimed towards hobbyists and businesses looking to update their websites themselves. As a business, we offer a monthly hosting, update and support service, however we do have a percentage of customers who prefer to take their websites and host them on very cheap providers which often have little/no support and do not regularly update their platforms. Average Joe users will probably not even be aware of what PHP actually is and have little chance of being able to navigate through cPanel or Plesk to update it. Many hosting providers including Fasthosts, have pushed a penalty out on shared hosting customers who have not actioned the simple one-click update in their control panel to switch to PHP7. This is a positive move and as we enter 2019, more and more website owners will become aware of the importance of making sure their website is not only HTTPS secure, but up to date too.
If you’re looking to update from PHP5 to PHP7, make sure that you follow best practise BEFORE you start the updates. Thankfully for web hosts who are using cPanel/Plesk, the process is super simple and through the GUI as opposed to via SSH. Before you upgrade your WordPress website to PHP7.2, be sure to complete the below:
- Back up your server (precaution, but advisable)
- Back up your website files and database
- Update WordPress to the latest version
- Update your theme and plugins to the latest versions
- Double check the themes and plugins declare PHP7.2 support in the update logs
- Prepare some time to apply the updates during low traffic periods/off peak
Once you’ve updated PHP, make sure to scan through your entire site to check functionality is still working. Make sure that your WP Dashboard is still functioning too and you’re able to create new pages/posts. Don’t panic if it’s stopped working, you have a backup or you could simply switch the version back down until you’ve worked out the cause of the issue by checking the server logs.