Why are you running an EOL version of PHP?

Why are you still running an EOL version of PHP?

  • I don't have access to upgrade PHP myself, and the server owner won't do it for me

    Votes: 7 4.4%

  • I can't upgrade because other software I use requires an old version of PHP

    Votes: 23 14.6%

  • I lack the technical know-how to upgrade PHP

    Votes: 5 3.2%

  • I don't consider updating PHP to be particularly important

    Votes: 2 1.3%

  • I’m running PHP 7.latest and that’s fine for me

    Votes: 14 8.9%

  • I’m running PHP 8 🥳

    Votes: 107 67.7%
  • Total voters
    158
Kier said:
You may have noticed that with the release of XenForo 2.2.5 today, we have started to recommend PHP 8 as the ideal version for XenForo. PHP 8 is a huge step forward from PHP 7 and we'd love to be able to take advantage of it some day.

But our statistics show that there are still large numbers of XenForo licensees running the latest versions of XenForo on ancient versions of PHP like 7.0 - there is even a fairly large contingent still on PHP 5.6.

It's a bit galling to have to make the required version of PHP for XenForo something that was declared End of Life several years ago, so we'd like to know why you're still running an old version, if you are.
Click to expand...
Just curious. It's 3 years later, does XF see a tighter cluster of clients on PHP 8, or is there still a large contingent on PHP 7?

Also, and an even better question, why would XF (as a company) care? If XF releases a version with a minimum required PHP version, it's the responsibility of the customer to meet it before upgrading. You either upgrade your PHP or you don't get the latest version.
 
AjayJunkies said:
why would XF (as a company) care?
Click to expand...

Making more stringent requirements will cause many to not be able to upgrade and in turn will impact future sales/profit. Not everyone has the ability or knowhow to upgrade their PHP. It's just not worth it for XenForo to lose all those sales.
 
bzcomputers said:
Making more stringent requirements will cause many to not be able to upgrade and in turn will impact future sales/profit. Not everyone has the ability or knowhow to upgrade their PHP. It's just not worth it for XenForo to lose all those sales.
Click to expand...
If your host doesn't allow you to use a version of PHP that is supported (which currently is 8.1 for security updates only, and 8.2 and 8.3 for active support) you should not be using them, period
 
Jake B. said:
If your host doesn't allow you to use a version of PHP that is supported (which currently is 8.1 for security updates only, and 8.2 and 8.3 for active support) you should not be using them, period
Click to expand...

Servers that use enterprise grade Linux packages for PHP, like those provided by Red Hat (and as a result, Alma and Rocky), have security patches backported to earlier versions of PHP.

Red Hat 8 supports PHP 7.4+ through 2029. Red Hat 9 supports PHP 8.0+ through 2032.

There are also 3rd party support services that have backports going back further, with 5.x still supported.

Yes, you should upgrade if possible, but there are sometimes circumstances that require putting it off.
 
Jake B. said:
If your host doesn't allow you to use a version of PHP that is supported (which currently is 8.1 for security updates only, and 8.2 and 8.3 for active support) you should not be using them, period
Click to expand...
It doesn't necessarily have to do with what PHP options a host offers. If they're on a dedicated server they'll likely never be forced by a host to upgrade. At some point XenForo will decide to cut off support for older PHP versions and force them to upgrade if the want to run the latest XenForo. In the mean time the longer XenForo can hold out on increasing their minimum PHP requirements the more renewals they will get. Supporting old code can be a pain, but sometimes losing sales hurts more. XenForo, like every software company, contemplates that dilemma all the time.
 
In case anyone's wondering, here's the PHP versions across all reporting XF versions:

1727432499795.webp

Sometimes we drill down a little because, while there's not many, customers who are sticking with 2.1 are not really representative and they may affect the percentages. People who are on 2.2 and obviously 2.3 are more likely in future to upgrade to 2.4 or 3.0.

So here's the stats for users reporting 2.2:

1727432645040.webp

And 2.3:

1727432669151.webp

Given this, while not entirely decided yet, minimum for XF 2.4 will likely be 7.4 and, as already announced, the minimum for 3.0 will be 8.0.

AjayJunkies said:
Also, and an even better question, why would XF (as a company) care? If XF releases a version with a minimum required PHP version, it's the responsibility of the customer to meet it before upgrading. You either upgrade your PHP or you don't get the latest version.
Click to expand...
We care because we don't want to unnecessarily inconvenience users - upgrading to a major software version has its own challenges, so having to also deal with upgrading PHP and other server software at the same time just adds to that.

It's a balance because we want to keep pushing the envelope, particularly opening up new language features for us to use, but we don't want to leave too many people behind.

There are obviously financial incentives for us to get as many people on latest versions as possible, but it's negligible. What's probably more valuable is more users on a new version, the more feedback we get from bugs and suggestions, therefore shaping future versions.
 
MySiteGuy said:
Servers that use enterprise grade Linux packages for PHP, like those provided by Red Hat (and as a result, Alma and Rocky), have security patches backported to earlier versions of PHP.

Red Hat 8 supports PHP 7.4+ through 2029. Red Hat 9 supports PHP 8.0+ through 2032.

There are also 3rd party support services that have backports going back further, with 5.x still supported.
Click to expand...
Indeed some distros backport security patches as well as REMI's PHP YUM repositories. With that said, new PHP security releases are now available for PHP versions 8.1.30, 8.2.24, and 8.3.12, addressing security vulnerabilities CVE-2024-4577, CVE-2024-8925, CVE-2024-8926, CVE-2024-8927, and CVE-2024-9026. For details, visit the official PHP website: https://www.php.net/. Please check with your web host, system administrator, or control panel provider to ensure you’re running the latest secure versions.

For my Centmin Mod users: I have updated both 131.00stable and 140.00beta01 with backported security patches, covering the now end-of-life PHP versions 5.6, 7.0-7.4, and 8.0. You can find more details here.

Chris D said:
Given this, while not entirely decided yet, minimum for XF 2.4 will likely be 7.4 and, as already announced, the minimum for 3.0 will be 8.0.
Click to expand...
Thanks Chris for the info :)
 
Last edited:
@Chris D can we get another pie chart for PHP version breakdown for 2.3 as it stands today, please? With the 8.0 requirement for 2.4, I'm interested to see if I can possibly push it further in my own addons to encourage 8.1 or newer adoption 👀 Maybe 3.0 could be 8.1 or even 8.2...
 
From an XF perspective, no... they aren't requring that version so no native functions new to it are in use.

From a pure php perspective, it's a little faster on a few functions, again, i don't think XF is leveraging any of them though.
 
You must log in or register to reply here.

Similar threads

Hoffi
Which database are you running?
Replies
1
Views
381
Mendalla
Mendalla
Digital Doctor
Are you running vBulletin and xenForo simultaneously on your site ?
Replies
2
Views
635
Digital Doctor
Digital Doctor
Back
Top Bottom