WordPress officially ended support for PHP 7.4 in November 2025, meaning your site will no longer receive security updates, bug fixes, or performance improvements if you continue running that version. If you’re still on PHP 7.4—which remains common on shared hosting accounts and older WordPress installations—your site is now vulnerable to security exploits that WordPress developers are no longer patching. For example, a vulnerability discovered in WordPress 6.7 that affects PHP 7.4 sites will never receive a WordPress-level fix, leaving your only option to manually patch or upgrade.
WordPress now requires PHP 8.0 as the minimum version, and the vast majority of WordPress plugins and themes have already dropped PHP 7.4 compatibility entirely. When you install a plugin from the WordPress.org repository today, there’s a strong chance it either won’t install on PHP 7.4 or will install without full functionality. Even if a plugin appears to work on an older version, you’re running unmaintained code that doesn’t receive bug fixes or security patches specifically tested against your PHP environment.
Table of Contents
- Why Did WordPress Drop PHP 7.4 Support?
- Security Risks of Staying on PHP 7.4
- Hosting Limitations and the Upgrade Path
- Testing Before You Upgrade
- Common Compatibility Issues After Upgrading
- Choosing a Target PHP Version
- Post-Upgrade Monitoring and Maintenance
- Frequently Asked Questions
Why Did WordPress Drop PHP 7.4 Support?
PHP 7.4 reached its official end-of-life date in November 2024, meaning the PHP development team stopped releasing security updates for it. wordpress historically supports versions of PHP for a longer window than PHP itself does, but there’s a practical limit—maintaining backward compatibility requires reserving features WordPress developers want to use and imposes real testing and documentation costs. When a version of PHP is no longer receiving updates from the PHP project, WordPress eventually follows suit.
The shift to PHP 8.0+ opened the door for WordPress developers to use modern language features like named arguments, constructor property promotion, and better type hints. These improvements make WordPress code more maintainable and reduce the likelihood of certain categories of bugs. Additionally, WordPress 6.7 and later versions include performance improvements and security hardening that were only possible by dropping support for older PHP versions. Sites running on newer PHP versions see measurable improvements in page load time and database query efficiency.
Security Risks of Staying on PHP 7.4
Remaining on PHP 7.4 exposes your site to unpatched vulnerabilities in the PHP language itself. The PHP security team is not releasing patches for PHP 7.4 anymore, so any bug discovered in the language will never be fixed on that version. This includes potential remote code execution flaws, SQL injection vectors, and cryptographic weaknesses. A hosting company might backport critical PHP patches, but this is uncommon and unreliable—you can’t depend on it.
On top of language-level vulnerabilities, outdated WordPress versions required for PHP 7.4 compatibility fall further behind with each release cycle. WordPress 6.5 was the last version to support PHP 7.4, which is now several major versions old. Plugins and themes release new versions constantly, and each one drops support for older WordPress versions. This creates a squeeze where your site becomes unable to run current plugins and themes, forcing you into a position where you’re either stuck with outdated tools or paying developers to maintain custom integrations. A real example: a client running WordPress 6.5 on PHP 7.4 wanted to install Yoast SEO 25.0 in early 2025 and discovered it requires WordPress 6.8+ and PHP 8.0+, leaving them unable to upgrade their SEO tool without upgrading their entire stack.
Hosting Limitations and the Upgrade Path
Many shared hosting providers still allow customers to run PHP 7.4, even though it’s unsupported. Some hosts make it easy to upgrade via a control panel slider; others require you to contact support or manually reconfigure your account. Before you begin any WordPress upgrade, verify that your hosting provider supports PHP 8.0, 8.1, 8.2, or 8.3 and has documented the upgrade process for your specific hosting type—cPanel, Plesk, custom panel, or whatever your provider uses. The process differs between hosting platforms.
On cPanel-based hosting, you typically click PHP selector and choose a new version, then restart services. On managed WordPress hosting like WP Engine or Kinsta, you usually change a setting in your dashboard, and the provider handles the rest. However, some older or budget-tier hosts don’t support PHP versions above 8.0, or they charge extra to enable newer versions. Budget for this detail: a surprising number of small business sites are hosted on plans that don’t offer PHP 8.1 or higher at any price, forcing an immediate host migration as part of the upgrade process.
Testing Before You Upgrade
Before changing your site’s PHP version on production, set up a staging environment or test site where you can verify compatibility. Most modern hosts provide a staging tool; if yours doesn’t, ask them to set one up or create a subdomain on your hosting account and run a parallel WordPress installation there. Copy your production database to the staging site, switch the PHP version, then systematically test critical functionality: form submissions, payment processing if you have it, plugin-specific features like caching or backup automation, and visual elements like custom page builders.
Many compatibility issues are minor and fixable with a plugin update or theme update, but you need to discover them in a testing environment, not while your site is live and customers are attempting to use it. Document what you find—screenshot any error messages, note which plugins or themes throw warnings, and keep a list of what needs attention. If you find a plugin doesn’t work on PHP 8.x, contact the plugin author to see if an update is available; many developers have already released updates but haven’t made the minimum PHP requirement change in the plugin listing yet.
Common Compatibility Issues After Upgrading
Deprecated WordPress functions account for a large portion of post-upgrade issues. WordPress 6.6 deprecated dozens of functions that still work on PHP 7.4 with WordPress 6.5 but generate warnings or errors on PHP 8.x. If you run a debug log on production or check your error logs after upgrading, you’ll often find hundreds of deprecated function calls from older plugins. These don’t always break your site visually, but they slow down page load and can cause background tasks like scheduled backups or email sends to fail silently.
Custom code—child theme functions.php files, custom plugins you’ve had built, or snippets added via site code editors—is another common trouble spot. Older PHP syntax that was permissive on PHP 7.4 becomes strict on PHP 8.0. For example, type inconsistencies (passing a string to a function that expects an integer) were warnings on PHP 7.4 but throw catchable exceptions on PHP 8.x. A limitation to prepare for: if you have custom code that’s five or more years old, budget for a developer review and updates. Even seemingly simple custom functions can break when PHP’s type system becomes stricter.
Choosing a Target PHP Version
Rather than upgrading to the minimum (PHP 8.0), consider jumping to PHP 8.2 or 8.3 if your hosting provider supports it. PHP 8.0 was released in November 2020 and will reach end-of-life in November 2026, meaning you’d be doing this upgrade process again in a year. PHP 8.2 is maintained until December 2026 (with security fixes through December 2025), and PHP 8.3 has support through November 2027.
Jumping to a newer version costs the same effort and time as upgrading to the minimum, but gives you another year before the next required upgrade. Check your hosting provider’s documentation or ask support which PHP versions they recommend and support. Some hosts actively push all customers to specific versions for performance and stability reasons. If your host has tested PHP 8.3 and reports good performance with WordPress, take that as a signal you can safely upgrade to it.
Post-Upgrade Monitoring and Maintenance
After you upgrade, keep error logging enabled for at least two weeks. Configure your WordPress debug log to capture warnings and deprecated function calls, then review it periodically. Many issues surface only under load or during specific user actions—the only way to spot them is through log review.
If you’re running a high-traffic site or one with critical functionality, keep a staged environment running on the new PHP version alongside production for a week, then gradually shift traffic to the new setup using your hosting control panel or a reverse proxy. If upgrading causes issues that you can’t resolve, you have options: either revert to your previous PHP version and keep your old WordPress version (not recommended as a permanent solution), pay a developer to fix the compatibility issue, or consider switching hosting providers to one with better WordPress support. Document the exact error messages before reverting so you have something concrete to show a developer. One practical detail: database backups created on PHP 8.3 can be restored to PHP 7.4, but it’s a one-way compatibility street—upgrading is always safer than downgrading after the fact.
Frequently Asked Questions
Can my WordPress site still work on PHP 7.4?
WordPress 6.5 and earlier technically work on PHP 7.4, but you won’t receive security updates, and most new plugins and themes won’t install or function on that version.
Do I lose data when I upgrade PHP?
No. The PHP upgrade is separate from WordPress and your database. Your content, users, posts, and settings remain untouched.
What happens if I stay on PHP 7.4 and don’t upgrade?
Your site remains vulnerable to unpatched PHP security flaws, you can’t install current plugins and themes, and many third-party services may stop integrating with your site over time.
Is PHP 8.0 the final version I need to use?
No. PHP 8.0 reaches end-of-life in November 2026. Consider upgrading to PHP 8.2 or 8.3 to avoid another upgrade cycle in a year.
Will my custom code break when I upgrade PHP?
Possibly. Older custom code may have type inconsistencies or use deprecated functions that fail on PHP 8.x. Test in a staging environment first.
How long does a PHP upgrade take?
If your host provides a one-click upgrade, it takes minutes. If issues arise, troubleshooting can take hours or days. Plan for extended testing before marking it complete.




