Hi agenciesFirst,
I’m very sorry to hear you had frustrating experience and weren’t able to activate the plugin.
However, it’s important to understand that we have very good reasons behind decisions like this. We’ve been increasing required minimums as slowly as possible over the last year or so. We increased the minimum required version to PHP 5.3 a year ago, and only recently in February increased it to 5.3.21. This was all noted in the plugin’s Changelog, and documentation.
PHP 5.3.21 was released 3 years ago, so I’m not sure how asking users to make sure they are using a PHP version released 3 years ago is applying pressure…I just can’t agree with that statement.
For security reasons (not to mention performance), whatever version of PHP you are using, you should be using the latest release. If you’re on 5.3, you want to be using 5.3.29 (if you absolutely cannot or will not upgrade).
If you take a moment to look at the history of PHP releases:
- PHP 5.2 – Released 2 Nov 2006 and retired 6 Jan 2011 (Last release 5.2.17) – Launched 10 years ago, and retired 5 years ago.
- PHP 5.3 – Released 30 June 2009 and retired 14 Aug 2014 (Last release 5.3.29) – Launched 7 years ago, and retired 1.5 years ago.
- PHP 5.4 – Released 1 March 2012 and retired 3 Sep 2015 (Last release 5.4.45) – Launched 4 years ago, and retired 0.5 years ago.
So, PHP reached its End of Life (EOL) 5 years ago, and is no longer supported by the PHP team, meaning: no more updates, and most importantly, no more security updates. Likewise, PHP 5.3 reached EOL 1.5 years ago, and PHP 5.4 reached EOL 6 months ago. So, no more security updates for PHP 5.2, 5.3, or 5.4. Ouch.
It’s just not a good security practice to continue to use PHP versions that are outdated and not receiving security updates…it’s the OS for a web server…that’s not a small deal! Running an outdated version of PHP on your site may leave some open doors for hackers. (The WordPress requirements page notes this as well.) There are unpatched security vulnerabilities for each of these retired PHP versions: 5.2, 5.3, and 5.4.
These days, things move quickly. Global cybersecurity threats, new technology, more efficient code…all keep us moving forward. PHP 5.3 is already ancient. We’re up to PHP 7.0 now.
You can see we have an excellent reason to push the minimum required version up! We only pushed it up to a version that’s already 3 years old. That’s quite reasonable! And if security were the only concern, we would be making PHP 5.5 the required minimum.
It’s important to remember that even though you as a single user may not have experienced any security issues (that you know of), there are a lot more users and environments to consider, and we have to look at the overall global picture of security.
There are a ton of benefits to upgrading. The newer versions are far more efficient…and faster. Just wait till you try out 7.0. ??
We’re definitely not trying to leave anyone out by not supporting PHP versions below 5.3.21. We’re just trying to do the right thing by our users.
Your web host probably already has higher versions of PHP installed on your server. (It’s not like your desktop computer that only has one Operating System version…on a hosted website, PHP has several at once, and you just have to tell it which you want to use.) They usually have all the versions up to the current version. Almost every web host out there has PHP 5.5 and 5.6 available. You usually just need to go into your cPanel (or other control panel) and make the change. If that isn’t available, and you send in a support request, they will be happy to switch it for you. It’s just a configuration change, so it’s not like a whole new OS needs to be installed, and is very easy and quick for them (or you) to do.
IF, and this is a big IF, your web host does not have anything higher than PHP 5.3, please do yourself a favor and leave them immediately for another web host that has up to PHP 5.6 or 7.0.
I hope that helps!
– Scott
We do have more info on this (if you’re interested) in the plugin’s minimum requirements section.
If you need help with this or anything else, we will be happy to help…just head over to the WP-SpamShield Support page, and submit a support request.
