diff --git a/roles/shell/tasks/packages.yml b/roles/shell/tasks/packages.yml
index 3c7a80c..e432a5b 100644
--- a/roles/shell/tasks/packages.yml
+++ b/roles/shell/tasks/packages.yml
@@ -162,7 +162,6 @@
       - php-gd
       - php-imap
       - php-intl
-      - php-mcrypt
       - php-mysql
       - php-pspell
       - php-recode
diff --git a/roles/webserver/files/etc/apache2/mods-available/php7.3.conf b/roles/webserver/files/etc/apache2/mods-available/php7.3.conf
new file mode 100644
index 0000000..0758ea6
--- /dev/null
+++ b/roles/webserver/files/etc/apache2/mods-available/php7.3.conf
@@ -0,0 +1,25 @@
+<FilesMatch ".+\.ph(ar|p|tml)$">
+    SetHandler application/x-httpd-php
+</FilesMatch>
+<FilesMatch ".+\.phps$">
+    SetHandler application/x-httpd-php-source
+    # Deny access to raw php sources by default
+    # To re-enable it's recommended to enable access to the files
+    # only in specific virtual host or directory
+    Require all denied
+</FilesMatch>
+# Deny access to files without filename (e.g. '.php')
+<FilesMatch "^\.ph(ar|p|ps|tml)$">
+    Require all denied
+</FilesMatch>
+
+# Running PHP scripts in user directories is disabled by default
+# 
+# To re-enable PHP in user directories comment the following lines
+# (from <IfModule ...> to </IfModule>.) Do NOT set it to On as it
+# prevents .htaccess files from disabling it.
+#<IfModule mod_userdir.c>
+#    <Directory /home/*/public_html>
+#        php_admin_flag engine Off
+#    </Directory>
+#</IfModule>
diff --git a/roles/webserver/tasks/apache2-mods.yml b/roles/webserver/tasks/apache2-mods.yml
index 4a25c43..2850dea 100644
--- a/roles/webserver/tasks/apache2-mods.yml
+++ b/roles/webserver/tasks/apache2-mods.yml
@@ -8,9 +8,9 @@
   apache2_module:
     name: ssl
     state: present
-- name: php7.0
+- name: php7.3
   apache2_module:
-    name: php7.0
+    name: php7.3
     state: present
 - name: rewrite
   apache2_module: