PHP
PHP is one of the most common server-side languages on the web, underpinning a large fraction of CMS and custom application stacks. It is usually inferred from X-Powered-By headers, session-cookie names such as PHPSESSID, and .php URL patterns.
End-of-life PHP versions no longer receive security fixes, so an exposed version banner is a useful risk signal. The language itself is neutral — what matters is the application running on top of it and the behaviour the scan records.
Commonly deployed alongside PHP
Of the 45,689 public scans where PHP was detected, these are the technologies most often present on the same site. The share is the percentage of PHP sites that also ran each one.
| Technology | Category | Share of PHP sites |
|---|---|---|
| MySQL | wappalyzer | 82% |
| MetaGenerator | miscellaneous | 73.91% |
| WordPress | cms | 73.51% |
| jQuery | wappalyzer | 69.79% |
| JQuery | miscellaneous | 61.2% |
| Open-Graph-Protocol | miscellaneous | 54.11% |
| WordPress | wappalyzer | 49.96% |
| Google Analytics | wappalyzer | 37.6% |
| HTTP/3 | wappalyzer | 36.57% |
| Cloudflare | wappalyzer | 32.24% |
| HSTS | wappalyzer | 31.86% |
| Script | miscellaneous | 29.3% |
| Cloudflare Bot Management | wappalyzer | 27.75% |
| PoweredBy | miscellaneous | 25.83% |
How ScanMalware detects PHP
PHP is detected by analysing the response headers, HTML markup, JavaScript runtime and asset URLs captured when ScanMalware loads the site in a real headless browser.
From any scan you can pivot into related signals — JARM TLS fingerprints, ASN ownership and BGP routing, certificate history, JavaScript analysis and the overall security verdict — to understand not just that PHP is present, but how it is being used. Open the full search interface for PHP →
Recent public scans featuring PHP
A rolling sample of recent public scans where PHP was detected. Listing a site here is not a safety judgement — open a scan to see its full verdict.
| Site | Scanned |
|---|---|
| Homepage - Astea SpA https://www.asteaspa.it | 2026-06-17 |
| Comune di Rosta https://www.comune.rosta.to.it | 2026-06-17 |
| Ordine Ingegneri di Forlì-Cesena https://www.ordineing-fc.it | 2026-06-17 |
| Newsletter Sign Up | Hughes Pumps Ltd https://www.hughes-pumps.co.uk/newsletter/ | 2026-06-17 |
| Ordine Avvocati Barcellona Pozzo di Gotto https://www.ordineavvocatibarcellonapg.it | 2026-06-17 |
| Comune di Villanova Marchesana https://www.comune.villanovamarchesana.ro.it | 2026-06-17 |
| Home - Provincia di Vibo Valentia https://www.provincia.vibovalentia.it | 2026-06-17 |
| Bedford College Group | The Bedford College Group | Further and Higher Education http://www.bedford.ac.uk | 2026-06-17 |
Frequently asked questions about PHP
- Does using PHP mean a website is unsafe?
- No. PHP is a stack component, not a verdict. ScanMalware scores the whole page — its scripts, redirects, certificates, threat-intelligence matches and behaviour — so a site using PHP can be perfectly safe or actively malicious.
- How many sites using PHP has ScanMalware scanned?
- PHP has been detected in 45,689 public scans on ScanMalware.com. Each scan is a real headless-browser visit, and the figure updates as new URLs are submitted.
- What technologies are commonly used with PHP?
- Across scanned sites, PHP is most often seen alongside MySQL, MetaGenerator and WordPress. The full co-occurrence breakdown is listed on this page.
Browse all profiled technologies on the technology index, or scan a URL to see its full stack.