[wp-trac] [WordPress Trac] #54338: Site Health dashboard: "insecure PHP"

WordPress Trac noreply at wordpress.org
Fri Oct 29 08:51:31 UTC 2021 

#54338: Site Health dashboard: "insecure PHP"
---------------------------+-----------------------------
 Reporter:  JavierCasares  |      Owner:  (none)
     Type:  enhancement    |     Status:  new
 Priority:  normal         |  Milestone:  Awaiting Review
Component:  Site Health    |    Version:
 Severity:  normal         |   Keywords:
  Focuses:  ui-copy        |
---------------------------+-----------------------------
 Since WordPress 5.1, the [https://make.wordpress.org/core/2019/01/14/php-
 site-health-mechanisms-in-5-1/ WordPress dashboard has advice about the
 old PHP versions], and it says something like:

 ''WordPress has detected that your site is running an insecure version of
 PHP.''

 This is really not accurate because it can be insecure or not. For
 example, in a few days we will have PHP 8.1, so PHP 7.3 will be end-of-
 life, but this doesn't really mean that will be insecure by default.

 Maybe is more accurate, using [https://www.php.net/supported-versions.php
 the same words as PHP says] in this case: "end of life".

 PHP has 3 options:
 - Active support: A release that is being actively supported. Reported
 bugs and security issues are fixed and regular point releases are made.
 - Security fixes only: A release that is supported for critical security
 issues only. Releases are only made on an as-needed basis.
 - End of life: A release that is no longer supported. Users of this
 release should upgrade as soon as possible, as they may be exposed to
 unpatched security vulnerabilities.

 Probably, a text like this will be better:

 ''WordPress has detected that your site is running an end-of-life / no
 longer supported version of PHP.''

 ''WordPress has detected that your site is running an end-of-life version
 of PHP.''

 ''WordPress has detected that your site is running a no longer supported
 version of PHP.''

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/54338>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list