Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small patch against the PHP core, that implements a few low-level protections against buffer overflows or format string vulnerabilities and the second part is a powerful PHP extension that implements all the other protections.
In this post I would like to install Suhosin for PHP 5.6 in a CentOS 7 server.
First upgrade PHP to the latest PHP 5.6 version.
yum --enablerepo=remi,remi-php56 install php-devel dnf install "Development Tools"
Now, installing Suhosin.
- Download the patch first:
- Extract the gunzip file:
tar -xvf suhosin-0.9.38.tar.gz
- And compiling it:
cd suhosin phpize ./configure make make install
- After finish compiling, use vi to add Suhosin to PHP configuration:
- Inside the file, write:
- And restart your web server, I’m using Apache, so this is the command:
systemctl restart httpd