PHP 7 review: Upgrading For Performance and Security Reasons Usage statistics indicate that PHP accounts for over 80 percent of all websites, topping 240 million sites according to the Netcraft web server survey (2013). PHP 7 (2015) is the most important revolution for PHP since the release of PHP 5 in 2004. The speed and security improvements alone make upgrading to PHP 7 worthwhile. In this post, we will discuss these improvements in more details. Jan 31, 2017 Source: digitalocean.com Perfomance Reasons for Upgrading to PHP7. Why is PHP7 faster? PHP 7 is based on the PHPNG engine that speeds up PHP applications more than the previous PHP interpreter (Zend Engine 2.0). Thanks to PHPNG, your apps see up to 2x faster performance and 50% better memory consumption than PHP 5.6, allowing you to serve more concurrent users without adding any additional hardware. This means that your server returns pages to your users twice as fast. It also means that a single server can handle twice as many requests and you could need half as many servers in order to serve the same number of customers at the same speed as they did before. It has an impact in terms of real-world dollars. Case Studies: Upgrading from PHP5 to PHP7 It is worth spending time on upgrading the code of the PHP-based applications from PHP 5 to PHP 7. Case studies from top companies make it clear that this is a good business decision. Etsy PHP7 Case Study Etsy is a popular PHP-based online marketplace for handmade and vintage goods that has been in operation since 2005 (29 million items listed on its website, 54 million registered users, among them 1.4 million active sellers, and 19.8 million active buyers). Initially it was written in PHP 5, and later, was switched to HHVM (Virtual Machine for PHP). After migration to PHP 7, Etsy was significantly better from such perspectives as the memory and system/user CPU usage, homepage/listing delivery speed and number of hosting servers. Tumblr PHP7 Case Study Tumblr is a popular PHP-based microblogging and social networking website that has been in operation since 2007 (the website has about 555 million monthly visitors and hosts over 320.5 million blogs). Up until the end of August 2016, Tumblr has upgraded its servers and web app’s code from PHP 5 to PHP 7. As it has been reported, almost immediately Tumblr’ developers saw the latency drop by half, and the CPU load on the servers decrease by at least 50%, often more. Not only did their servers start serving pages twice as fast, they are also doing it using half the amount of CPU resources. Badoo PHP7 Case Study Badoo is a popular PHP-based dating social network that operates in 180 countries since 2006 (331 million users). Initially, it was written in PHP 4, and was later switched to mainly PHP 5. Up until the start of 2016, an app server cluster at Badoo consists of a bit more than 600 servers. After migration to PHP 7, by cutting CPU usage in half, Badoo freed up around 300 servers ($100,000 a year in hosting cost savings) and got a visual performance boost at the same time (overall response time improved by about 40%)! Source: zend.com/en/resources/php7_infographic Zend’s company Performance benchmarks The Zend Performance Team ran performance benchmarks on popular PHP apps to compare PHP 5.6, PHP 7, and HHVM 3.7. For most real-world applications such as eCommerce and CMS platforms, PHP 7 offers a significant performance boost. With execution time more than twice as fast compared to PHP 5.6 and 30 percent lower memory consumption, servers running PHP 7 are able to serve up to three times as many Magento requests as those running PHP 5.6. Drupal 8 runs 72 percent faster and WordPress only executes 25M CPU instructions on a PHP 7 runtime compared to just under 100M to do the same job on older PHP versions. Zend Performance team also tested how various PHP frameworks perform under PHP 7. Security Reasons for Upgrading to PHP7 Each released branch of PHP is fully supported for two years from its initial stable release. During this period, bugs and security issues that have been reported are fixed and are released in regular point releases. After this two year period of active support, each branch is then supported for an additional year for critical security issues only. Releases during this period are made on an as-needed basis: there may be multiple point releases, or none, depending on the number of reports. Once the three years of support are complete, the branch reaches its end of life and is no longer supported. Millions of PHP applications (up to 86 percent according to W3Techs data) are relying on unsupported versions that expose the business to a multitude of well-documented security vulnerabilities. PHP 7 offers better security improvements compared to PHP 5, including a filtered un-serialized function and a set of functions to easily get cryptographically secure random numbers. We should keep in mind that we have to advice our clients to upgrade PHP distribution on an operational server. And, of course, new PHP-based web applications should be developed with the newest versions of PHP. Vladimir Kazankov I am a Customer Success Manager at Belitsoft custom software development company. Do you like my posts? Please, share it and post your opinion!