Install Suhosin PHP 5 Protection Security Patch

Posted: 6p in Php
Tags:

WordPress and many other open source application developers asks users to protect PHP apps using Suhosin patch to get protection from the full exploit. Suhosin is an advanced protection system for PHP installations. It was designed to protect your servers from various attacks. How do I install Suhosin under RHEL / CentOS / Fedora Linux?
A. Suhosin was designed to protect your servers against a number of well known problems in PHP applications and on the other hand against potential unknown vulnerabilities within these applications or the PHP core itself including wordpress and many other open source php based apps.

Install Suhosin as extension

Download latest version of Suhosin, enter:
# cd /opt
# wget http://download.suhosin.org/suhosin-0.9.27.tgz
Make sure you have php-devel installed:
# yum install php-devel
Compile Suhosin under PHP 5 and RHEL / CentOS Linux
Type the following commands:
# cd suhosin-0.9.27
# phpize
#./configure
# make
# make install
Configure Suhosin
Type the following command to create Suhosin configuration file:
# echo ‘extension=suhosin.so’ > /etc/php.d/suhosin.ini

Restart web server
# service httpd restart
If you are using lighttpd, enter:
# service lighttpd restart

Verify Suhosin installation
$ php -v
Sample output:
PHP 5.1.6 (cli) (built: Jun 12 2008 05:02:36)
Copyright (c) 1997-2006 The PHP Group
Zend Engine v2.1.0, Copyright (c) 1998-2006 Zend Technologies
with XCache v1.2.2, Copyright (c) 2005-2007, by mOo
with Suhosin v0.9.27, Copyright (c) 2007, by SektionEins GmbH

You can find more information by running phpinfo():
=================================================================>

Advertisements
Comments
  1. Kathy says:

    Greetings I am so grateful I found your website, I really found
    you by error, while I was searching on Google for something
    else, Regardless I am here now and would just like to say kudos for
    a fantastic post and a all round thrilling blog
    (I also love the theme/design), I don’t have time to look over it all at
    the minute but I have saved it and also added your RSS feeds,
    so when I have time I will be back to read more, Please
    do keep up the great b.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s