Get Your Hosting Up To Date
You've probably heard about the importance of keeping your site's code "up to date". Whether it's Drupal, Wordpress, or any other platform that wasn't built entirely from scratch for you personally, from time to time there are suggested and occasionally critical updates to the components that make up your site. There are (at least) three good reasons it's worth the effort to make these changes:
- Security - this one is a no brainer. Along with all of the incredible benefits of open source code and libraries shared across communities, you also get malicious users discovering vulnerabilities in those libraries and sending bots across the web looking for a site to exploit.
- Performance Improvements / Bugfixes - again, this seems obvious. Whether a bug is critical or just an occasional annoyance, or maybe just causes something to happen 20% slower than it needs to, things get fixed and you can easily benefit from these fixes.
- Compatibility - this one is maybe a little less clear, because you probably aren't thinking about all of the ways the various libraries interact with each other. When your site is built, it's built with the latest and greatest available at the time, but inevitably, libraries evolve. If you're using any third-party API integration, for example, they may stop supporting code that worked 4 or 5 years ago in order to add new features or deal with changes in their business offerings.
While you may be fully aware and proactive about updates to the code of your site, have you put any thought to the hosting that it runs on? If you haven't, thats understandable- usually when you pay for hosting, you put the burdens of understanding / maintaining a server on the hosting company, for good reason. People like the idea of set-and-forget shared hosting- it's cheap and efficient, and often satisfactorily serves the needs of sites with low to moderate traffic requirements when configured properly.
We have no beef with this approach - we often suggest and help configure shared hosting accounts for our clients, and generally believe that the security of a shared host may actually be better than a custom server build that someone is going to have to proactively maintain / monitor for threats. Let the hosting companies do the hosting, we build websites!
However, shared hosting companies know their audience, and their audience is not generally on the "bleeding edge" of technological advances (nor are they paying for them). As a result, they lean much more towards making sure things continue to work as-is, rather than making proactive - and possibly expensive - architecture changes that may cause service disruptions or force users to update site code to continue to function properly.
So what does this mean for you?
Do you have a shared hosting plan that you purchased 2 or more years ago for a site that hasn't been rebuilt in that time? If so, the odds are you are running a fully deprecated and technically unsupported version of PHP, the server side language that is the backbone of your Drupal or Wordpress site.
When Drupal 7 was released in 2011, PHP 5.3 was the standard supported version. It reached end of life (meaning no more effort would be put towards security updates and it should cease being used) in 2014. By the time the first "supported" version of Drupal 8 came out in 2015, PHP 7.0 was well established, and on December 31, 2018, anything less than 7.1 was officially outdated.
However, I'd venture a guess that around half of the Drupal and Wordpress sites on shared hosting packages are running php 5.6 or lower.
Both platforms have done their best to maintain backwards compatibility as they evolve, but there will be a time where this falls apart. I can think of multiple times I've begun the process of adding a feature to a client's site, only to find that a necessary library requires a newer PHP version. Eventually, site updates will become problematic, and new features will be hard or impossible to implement. If a critical security update for your CMS is released, but your site can't handle the latest version of the codebase, you'll have to delay getting the patch in place while you get everything else up to date, leaving you vulnerable at a critical time.
But hands down, the most important reason to make this update is performance. It's been proven by numerous studies that there is an instant, measurable speed improvement with the update that makes it an obvious choice.
The good news - with some very minor effort, you can likely speed up your site and ensure future compatibility and stability. While most hosting companies aren't requiring you to update to the latest "supported" version (yet!), they are offering it to those whose sites can support it with configuration options in their control panels.
If your hosting company isn't able to offer you PHP 7 in 2019, that's a major red flag that they are on some very outdated architecture and it's time to start shopping around.
Not sure what you're running and want an assessment? Need a little help making sure your code is future-compatible? We'd love to help you get up to date and speed up your site, just drop us a line!