• Marubi

    (@marubi)


    I just need someone to help me figure out what my next step is. Thanks in advance!

    Right now, people visiting our website are getting the “Security Warning, etc.” even though our certificate is current. I had a warning that my php needed to be updated, so I backed up the site first, then contacted my host, who instructed me to go to my host web settings, update it to 7.4, so I did. But after several days, I’m still getting this on my wp dashboard: “Your site is running on an outdated version of PHP (7.3.33-7+0~20220929.100+debian11~1.gbpdb2e49), which does not receive security updates. It should be updated.” (I asked my host if it made sense to update to 8.0, but did not hear back.)

    All the other plug ins are updated. The ones I don’t use I’ve deleted. I’ve deleted unused themes, and the theme I use is an old one, but a good one: Pilcrow. Very versatile. Very “plug and play”.

    The only other thing that shows up on my WP dashboard, is that the Spectra plug in needs to be updated to version 2.12.6., but it shows a tag that says, “This update does not work with your version of PHP.”

    My host also informed me: “It looks like you are using a CDN service, Stackpath, so you’ll want to let them know your IP address has changed to the following…etc.” But I didn’t see any plug in or tool relating to Stackpath on my WP dashboard, went to the Stackpath website to see if we had an account, haven’t heard back. Then I wondered if the service that helped us update our certificate last time, SSL Zen, was somehow connected to Stackpath but after several tries they haven’t gotten back to me either.

    Finally, after running a site health check, it looks like I have an “outdated SQL server” with the note, “you should consider running MariaDB version 10.4 or higher” — so I will contact my host next, about that, and ask again about the PHP to 8.0.

    These are the types of maintenance problems I have, but they only happen every couple of years or so. The design of the wordpress site, works perfectly fine for our small non-profit, and I can handle that, as well as updating the plug-ins, etc. But when the maintenance problems mean that the site is down for several days or a couple of weeks — by the time I go back and forth to my host (Laughing Squid), dig around endlessly in wordpress forums, try to contact other support resources that never get back to me,I’m wondering if there is an easier way, that isn’t a lot more expensive per year, because we have to watch our costs. At least so that our website isn’t giving security warning for days on end. Any suggestions?

    Thanks again!

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter Marubi

    (@marubi)

    Thanks so much, for your quick response! Some of this I’ve already done, but you’ve prioritized what I need to do.

    Once I get the php resolved, I’ll look into hosting services.

    Much appreciated!

    Right now, people visiting our website are getting the “Security Warning, etc.” even though our certificate is current.

    No, your certificate is NOT “current”. It expired on 11th March.

    Your hosting provider boasts on their sales page that “SSL is automatically enabled with a free, auto-renewing Let’s Encrypt certificate”, so you should not even need to use SSL Zen at all, and you should not have a site with an expired certificate.

    Something is not right on the hosting side.

    My host also informed me: “It looks like you are using a CDN service, Stackpath, so you’ll want to let them know your IP address has changed to the following…etc.”

    Your hosting provider boasts on their sales page that they have “built-in CDN powered by StackPath”. If their own support doesn’t know this basic fact about their service, that’s not a host I’d trust my site with. What else do they not know?

    Seems there are many issues with your site.

    But the core one is that your version of PHP is still 7.3, despite the supposed upgrade you did. Here’s what I think is going on:

    • Your host has multiple versions of PHP already installed, as different customers have different needs. That’s standard for shared hosting providers.
    • When you clicked the button to upgrade PHP to 7.4, all that did (or was supposed to have done) was switch your site to use PHP7.4. You’re not actually installing PHP 7.4 (because this is server-wide software) and the old version PHP7.3 remains on the server for other customers to use.
    • Meanwhile, and this is very common on shared hosting plans, inside your site’s folder there’s a user-level web server configuration file (often .htaccess or user.ini or something else) that has a line of code pointing to the old PHP version (7.3 in your case).
    • This user-level configuration file takes precedence over the button you clicked in the control panel… so your site effectively remains on the older PHP version.

    Again, this is a very common scenario that I expect your hosting provider to know how to troubleshoot and resolve… especially for a “managed WordPress hosting” service.

    I’m wondering if there is an easier way, that isn’t a lot more expensive per year, because we have to watch our costs.

    Recommendations for individual hosting providers are not allowed here.

    Instead, WordPress itself has a recommended list of hosting providers here: https://www.ads-software.com/hosting/

    In your specific case, your host is merely a reseller for Pressable (for their Managed WordPress offering) and LiquidWeb (for their Cloud Sites plans). This is publicly disclosed on their website. So you could cut the middle person and go directly to the source. Better yet, for a more hands-off solution, consider moving to Pressable’s “sister” company WordPress.com — both are owned by Automattic.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Incomplete PHP update: who do I go to next?’ is closed to new replies.