With WP Toolkit v6.2, we are seeing the second major WP Toolkit release of the year, and although it is a bit smaller this time around, we’ve managed to implement a bunch of hot stuff we would like to share with you going forward.
Proper handling of alt-php in outdated PHP version Warnings
Are you a WordPress user struggling with outdated PHP versions? You’re not alone. With PHP 7.4 already EOLed and no security updates available, and PHP 8.0 not supported by the ionCube loader used by some commercial plugins and themes, many people are finding it difficult to stay up to date. On top of that, many plugins are simply not compatible with PHP 8.1 yet, making it even more challenging to choose the right version.
Fortunately, there is a solution that can help WordPress users who are stuck with outdated PHP versions. The CloudLinux team is backporting security patches to older PHP versions, so their PHP handlers (alt-php) are actually secure, even if they aren’t officially supported by the PHP group. This means that users can continue to use PHP 7.4 and still receive the security updates they need.
However, there’s a catch. WP Toolkit, our popular solution for managing WordPress installations, considers PHP 7.4 to be EOLed and insecure regardless of the handler. This means that if WP Toolkit detects an EOLed PHP version, it will warn users to update their PHP version. So, what can you do if you’re a WordPress user who wants to stay on PHP 7.4 and still receive security updates? The key is to use a secure PHP handler, like CloudLinux’s alt-php. By using this handler, you can ensure that your WordPress site remains secure while still using the PHP version you prefer.
Here’s how these warnings look like:
If you do decide to stick with PHP 7.4 and use a secure handler like alt-php, be aware that WP Toolkit will not display warnings about your PHP version being EOLed.
We’ve been listening to feedback from our partners and users, and after consulting with CloudLinux, it became clear that we can omit warnings that are scaring site admins off and causing additional support load with misleading “poses a security risk” warning if we detect that the site is using alt-php since CloudLinux backports security fixes going as far back as PHP 5.1.
Overall, if you’re a WordPress user who wants to stay on PHP 7.4 and still receive security updates, using a secure handler like CloudLinux’s alt-php is the way to go. While WP Toolkit warnings about your PHP version being EOLed may be a nuisance, you can rest assured that your site is still secure.
The WP Toolkit 6.2 release sees the addition of new API methods for working with plugins and themes on an installation. This new functionality makes it easier to manage plugins and themes on your Plesk installation, providing more control and flexibility than ever before.
In addition, we’ve included improvements to the -clear-cache CLI command. Previous minor releases added several new operations to this command, and we are now adding explanations of what these operations can do for you, making it easier to clear caches effectively.
We’ve also made changes to accommodate Plesk’s recent updates to how it integrates certain extensions on the Dynamic list. These changes ensure that Plesk continues to provide seamless integration with the extensions you rely on.
As always, we’ve included several bug fixes based on customer feedback. As we continue to take customer satisfaction seriously, we are committed to prodigy the best possible experience with Plesk. We appreciate all the feedback and bug reports we receive from you and are constantly aiming to improve the platform going forward.
We are already working on our next major update, which should include more API changes, address popular customer requests, and maybe introduce a couple of small, pleasant surprises driven by the Toolkit team. Until the next!