PHP 5.6 now available, and SSL improvements

Rather shockingly, stats show that currently less than a quarter of web hosting sites run on PHP versions that haven’t been end-of-lifed by the PHP group. This means that over three-quarters are running on versions for which no bug fixes or security fixes will ever be made. This is largely the fault of web hosting companies, who aren’t being proactive in preparing, and aren’t even being reactive to end-of-life events. (When software is end-of-lifed, it doesn’t immediately stop working – but issues pile up slowly over time; hackers start to know about security problems that are found and will never be fixed, and people who make software (e.g. your WordPress plugins) stop testing their new versions on end-of-lifed software, etc.).

At Simba Hosting, we’re committed to keeping out software up to date, so that you don’t have to wrestle with or worry about any of those issues. We’re firmly in the quarter of web hosting companies who are taking responsibility for keeping your platform modern. PHP 5.5 is our current default version of PHP, and has been since before PHP 5.4 was end-of-lifed earlier this year. Now, we’re introducing PHP 5.6. Released in summer 2014, and with around 8% of WordPress websites using PHP 5.6 (which accounts for millions of websites, as WordPress powers around a quarter of all websites) it’s now well-tested and proven.

Initially, PHP 5.6 will be the default for new sites, and sites currently running on top of PHP 5.5 will be switched over slowly and gradually, before the end-of-life of PHP 5.5 in July 2016 (currently 7 months away). You should not notice any difference, as long as your website is up-to-date (e.g. WordPress plugins and themes are current versions). If you do hit any problems, or want us to keep yours on an old PHP version for longer, then just let us know.

On a different note, the advance of technology has also begun to mean that it’s no longer necessary to have a unique IP address for your website in order to use a SSL (i.e. https) certificate. In practice, this means that SSL websites now cost less, as you now only need to buy a certificate, and not an IP address as well. Almost all websites have already been seamlessly moved over, and the practical upshot is that on your next invoice, any recurring charge for your own IP address for SSL, if you had one, will no longer be there. This is automatic – you don’t need to request it; we’re pro-actively moving websites to the new technology, and removing these charges for you.