end of life of PHP 7.4

[MisterM]

Hello friends

I made a small tour on the site of PHP, the 7.4 is at the end of life to date.

PHP: Supported Versions

PHP is a popular general-purpose scripting language that powers everything from your blog to the most popular websites in the world.

www.php.net

My question, to worry

Michel

 

[Richard G]

My question, to worry

In fact... if you don't have anything like Cloudlinux, then soon yes. Because it's really EOL, so end of life and end of support. That means there will be no security updates/patches either for it. Since november 28th already.

We got our servers to a default of 8.0 now. Wanted 8.1 but since some devs take a bit longer, we choose 8.0.

I would suggest to use PHP 8.0 or 8.1 as the default php version and if you want to keep 7.4.x a bit longer so people can switch to test and update, set it to php 3 or 4.
We did, we have 2 sites on php 7.4 but they were warned. As of january 1st, we will just remove php 7.4 if they update or not since they were warned. We will just send a last message next week about the removal of php 7.4 per januari 1st. Or maybe 2nd if I had a drink too many.

 

[johannes]

I noticed a lot of wordpresses still having issues with PHP 8.1. Many many customerplugins not ready yet .. it will come an outcry .. on 1. or 2nd januar

 

[Richard G]

it will come an outcry .. on 1. or 2nd januar

No way. At least not for us.
Users were warned before and ofcourse I checked and only 3 sites still running on php 7.4.3 so no... there will be no crying, or maybe one.
But I rather have 1 crying customer than an unsecure server for 100 up2date users, just to please the 1.
So these 3 have still 3 weeks time to update, then the party is over.

WP runs fine on PHP 8.0, most addons/plugins as far as I know too. So one does not need to change to php 8.1 already... 8.0 is there still too.

Next to that.... devs should update. If your app still does not support at least php 8.0 now, you don't deserve to have your app (as a dev) being used a lot.

 

[Ohm J]

php8.0 should fine, 8.1 or 8.2 have little break change. From my old WebApp ( Pure script code ).

but I will stick for php7.4 for a year to make sure it not have buggy / and for all customer.

I will flag for all Customer that use EOL Version. "We are not responsible for websites using EOL software." .

but Im Super Admin. I can protect them for a year. ( atlest give time to let them decision ).

 

[MisterM]

I noticed a lot of wordpresses still having issues with PHP 8.1. Many many customerplugins not ready yet .. it will come an outcry .. on 1. or 2nd januar

And above all, on Ubuntu 22, it is OpenSSL 3.0, and the problem is that there is only version 8.1 that works, before Dal

 

[Richard G]

is that there is only version 8.1 that works, before Dal

OpenSSL 3.0 also supports PHP 8.0 if all is well. Just nothing below version 8.

 

[MisterM]

No way. At least not for us.
Users were warned before and ofcourse I checked and only 3 sites still running on php 7.4.3 so no... there will be no crying, or maybe one.
But I rather have 1 crying customer than an unsecure server for 100 up2date users, just to please the 1.
So these 3 have still 3 weeks time to update, then the party is over.

WP runs fine on PHP 8.0, most addons/plugins as far as I know too. So one does not need to change to php 8.1 already... 8.0 is there still too.

Next to that.... devs should update. If your app still does not support at least php 8.0 now, you don't deserve to have your app (as a dev) being used a lot.

OpenSSL 3.0 also supports PHP 8.0 if all is well. Just nothing below version 8.

No, I made the test is when I put php 8.0, it refuse to compile, it was under Ubuntu 22.04 or 05

Attachment shows you that the PHP 8.0 version, this will end in 2023 ..., course as well

 

[Richard G]

I was mistaken indeed. Thank you for correcting me.
Updated my reply.

With OpenSSL 3.0 anything below 8.1 is not supported.

 

[MisterM]

PHP: Migrating from PHP 7.4.x to PHP 8.0.x - Manual

www.php.net

 

[Driesp]

With OpenSSL 3.0 anything below 8.1 is not supported.

I noticed on Rocky 9, with Remi repo, PHP 7.4 or 8.0 is still running fine.
Does remi repo do something funky to get it running with OpenSSL 3.0?

Kr
Dries

 

[MisterM]

Packages in Fedora / RHEL / CentOS / EPEL - Package: openssl

rpms.remirepo.net

 

[Richard G]

I noticed on Rocky 9, with Remi repo, PHP 7.4 or 8.0 is still running fine.

That is odd. No custom Openssl 1.x installed? Because even PHP itself that prior to 8.1 php is not compatible with OpenSSL 3.0.

No clue as to what the remi repo does, but PHP is normally not installed via repo but source compiled by DA.

 

[Driesp]

Don't know, but I can't find it.
It looks like it is compiled with OpenSSL 3.0..

Maybe they wrote a patch to get older PHP versions compiled with OpenSSL 3.0?
Maybe this is the patch: https://bugs.php.net/bug.php?id=81278

[root@test9 ~]# rpm -qa | grep -i openssl
openssl-pkcs11-0.4.11-7.el9.x86_64
apr-util-openssl-1.6.1-20.el9.x86_64
openssl-libs-3.0.1-43.el9_0.x86_64
openssl-3.0.1-43.el9_0.x86_64

[root@test9 ~]# rpm -q --requires php74-7.4-1.el9.remi.x86_64
php74-php-cli(x86-64)
php74-php-common(x86-64)
php74-runtime
php74-runtime(x86-64) = 7.4-1.el9.remi
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rpmlib(PayloadIsZstd) <= 5.4.18-1

[root@test9 ~]# rpm -q --requires php74-runtime
/bin/sh
/usr/sbin/selinuxenabled
/usr/sbin/semanage
environment-modules
php74-runtime
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rpmlib(PayloadIsZstd) <= 5.4.18-1
scl-utils

[root@test9 ~]# rpm -q --requires php74-php-common
/bin/sh
config(php74-php-common) = 7.4.33-2.el9.remi
libbz2.so.1()(64bit)
libc.so.6()(64bit)
libc.so.6(GLIBC_2.14)(64bit)
libc.so.6(GLIBC_2.15)(64bit)
libc.so.6(GLIBC_2.2.5)(64bit)
libc.so.6(GLIBC_2.3)(64bit)
libc.so.6(GLIBC_2.3.4)(64bit)
libc.so.6(GLIBC_2.33)(64bit)
libc.so.6(GLIBC_2.4)(64bit)
libc.so.6(GLIBC_2.7)(64bit)
libc.so.6(GLIBC_2.8)(64bit)
libcrypto.so.3()(64bit)
libcrypto.so.3(OPENSSL_3.0.0)(64bit)
libcurl.so.4()(64bit)
libssl.so.3()(64bit)
libssl.so.3(OPENSSL_3.0.0)(64bit)
php74-php-json(x86-64) = 7.4.33-2.el9.remi
php74-runtime
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rpmlib(PayloadIsZstd) <= 5.4.18-1
rtld(GNU_HASH)

 

[MisterM]

Don't know, but I can't find it.
It looks like it is compiled with OpenSSL 3.0..

Maybe they wrote a patch to get older PHP versions compiled with OpenSSL 3.0?
Maybe this is the patch: https://bugs.php.net/bug.php?id=81278

[root@test9 ~]# rpm -qa | grep -i openssl
openssl-pkcs11-0.4.11-7.el9.x86_64
apr-util-openssl-1.6.1-20.el9.x86_64
openssl-libs-3.0.1-43.el9_0.x86_64
openssl-3.0.1-43.el9_0.x86_64

[root@test9 ~]# rpm -q --requires php74-7.4-1.el9.remi.x86_64
php74-php-cli(x86-64)
php74-php-common(x86-64)
php74-runtime
php74-runtime(x86-64) = 7.4-1.el9.remi
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rpmlib(PayloadIsZstd) <= 5.4.18-1

[root@test9 ~]# rpm -q --requires php74-runtime
/bin/sh
/usr/sbin/selinuxenabled
/usr/sbin/semanage
environment-modules
php74-runtime
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rpmlib(PayloadIsZstd) <= 5.4.18-1
scl-utils

[root@test9 ~]# rpm -q --requires php74-php-common
/bin/sh
config(php74-php-common) = 7.4.33-2.el9.remi
libbz2.so.1()(64bit)
libc.so.6()(64bit)
libc.so.6(GLIBC_2.14)(64bit)
libc.so.6(GLIBC_2.15)(64bit)
libc.so.6(GLIBC_2.2.5)(64bit)
libc.so.6(GLIBC_2.3)(64bit)
libc.so.6(GLIBC_2.3.4)(64bit)
libc.so.6(GLIBC_2.33)(64bit)
libc.so.6(GLIBC_2.4)(64bit)
libc.so.6(GLIBC_2.7)(64bit)
libc.so.6(GLIBC_2.8)(64bit)
libcrypto.so.3()(64bit)
libcrypto.so.3(OPENSSL_3.0.0)(64bit)
libcurl.so.4()(64bit)
libssl.so.3()(64bit)
libssl.so.3(OPENSSL_3.0.0)(64bit)
php74-php-json(x86-64) = 7.4.33-2.el9.remi
php74-runtime
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rpmlib(PayloadIsZstd) <= 5.4.18-1
rtld(GNU_HASH)

What are we really looking for in this message?

 

[Driesp]

Search for: libssl.so.3(OPENSSL_3.0.0)(64bit)

 

[MisterM]

A custom installation or actually searched to run PHP 7.4 for rocky 8

 

[MisterM]

Here is a tutorial that explains how to install in source mode, compile, openssl 1.1.1k

How to Install OpenSSL 1.1.1k on Rocky Linux 8 - HostnExtra

We'll explain how to install OpenSSL 1.1.1k on Rocky Linux 8 .OpenSSL is a robust, commercial-grade, and full-featured toolkit for the TLS and SSL.

www.hostnextra.com

To test ...

On the case with Ubuntu 22, is the worst is that with the end of PHP 7.4 is the most by PHP scripts that are not yet compatible with the version PHP 8 see 8.1, other OS will not wait for that, Debian, Ubuntu, CENTOS, etc. are already in openssl 3.0, I am in the same case @Driesp

We go too fast, we all pay that ...

 

[Richard G]

Well... most popular are compatible with 8.0 at least, like all forum software and Wordpress and I presume Joomla too.
Not with 8.1 indeed.
I agree that it's going too fast with PHP.

 

[MisterM]

@Richard G we are talking about this year, and I got the confirmation of 8.3, what they will release a version every 6 months?