62% of the Websites soon to be Vulnerable by December 2018

According to statistics from W3Techs, roughly 78. percent of all Internet sites today run on PHP.

PHP is used by 78.9% of all the websites.
Version 5 is used by 61.9% of all the websites.

PHP	78.9%
Version 5	61.9%
	W3Techs.com, 14 October 2018
Percentage of websites using PHP

But on December 31, 2018, security support for PHP 5.6.x will officially cease, marking the end of all support for any version of the ancient PHP 5.x branch.

This means that starting with next year, around 62 percent of all Internet sites still running a PHP 5.x version will stop receiving security updates for their server and website's underlying technology, exposing hundreds of millions of websites, if not more, to serious security risks.

If a hacker finds a vulnerability in PHP after the New Year, lots of sites and users would be at risk.

Of the big three --WordPress, Joomla, and Drupal-- only Drupal has made the official step to adjust its minimum requirements to PHP 7, but that move will come in March 2019. Ironically, the 7.0.x branch has reached EOL on December 3, 2017, which doesn't actually solve anything, but it's still a step forward.

Here's where WordPress' notifications for users who are running sites on outdated PHP versions will come to help --making people either update their server or ask their hosting provider for a more modern hosting environment.

And if server administrators and website owners need more convincing, I'll end this article with the same ending that Martin Wheatley used for his "ticking PHP time bomb" piece from over the summer.

Yes it does cost time and money, but what's worse, a small monthly support fee, or a headline "Site hacked, thousands of user details stolen" followed by a fine for up to 20 million euros or 4% of your turnover under GDPR... I know what I'd rather pay.

Source: ZDNet