Is what you host publicly accesible? If not, then it’s not even a concern. You could even host unsafe apps, but if you know they are entirely inaccessible, it wouldn’t change a thing.
As for php itself, it’s mostly due to the fact it’s by far and wide overwhelmingly crushing the competition. A quick Google search says it’s used by about 80% of websites. So, it has, by far, the most (negative) publicity, biggest target, and most inexperienced/bad devs working on it. Software is as secure as its made. Junior dev don’t often think about security. It’s bigger, so it happens more often.
Is what you host publicly accesible? If not, then it’s not even a concern. You could even host unsafe apps, but if you know they are entirely inaccessible, it wouldn’t change a thing.
As for php itself, it’s mostly due to the fact it’s by far and wide overwhelmingly crushing the competition. A quick Google search says it’s used by about 80% of websites. So, it has, by far, the most (negative) publicity, biggest target, and most inexperienced/bad devs working on it. Software is as secure as its made. Junior dev don’t often think about security. It’s bigger, so it happens more often.