The ticking timebomb. 62% of all websites still runs PHP 5.X version. "These branches are now EOL, are insanely popular, and are unsupported --the perfect conditions of plentiful targets with bad security that draw in attackers."

· · Web · 2 · 8 · 3

@j_opdenakker While being correct that 5.x is EOL distributions like and still patches 5.X on supported versions and will do so until the versions is EOL. Guess also RH will do so, but a bit more uncertain about that. So I would say it isn't as bad as the story claims. Sure, the time is still running out for 5.x

@j_opdenakker I host about 200 websites, and their owners can choose from any PHP version that still gets security updates (5.6-7.2).

About 180 of them are still on 5.6. They will all be updated as soon as security fixes stop.

I suspect many other hosts will do the same. Once official upstream security fixes end they will move to the next version.

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.