Protecting PHP Installation with Suhosin Security Patch in CentOS
Suhosin Is an advanced protection system for PHP installations. It aims to protect servers and users from known and unknown vulnerabilities in PHP applications and PHP core. Suhosin Divided into two separate parts that can be used individually or in combination. The first part is a small patch for the PHP core, which implements some low-level protection against buffer overflows or format string vulnerabilities, and the second part is a powerful feature PHP extension Implement all other protective measures.
Install Suhosin patch with source code
First time installation PHP development Package and download the latest version Suhosin patchUse the wget command and unzip it.
# yum install php-devel # wget http://download.suhosin.org/suhosin-0.9.33.tgz # tar -xvf suhosin-0.9.33.tgz
Now follow these commands to compile suhosin patch for php installation.
# cd suhosin-0.9.33 # phpize # ./configure # make # make install
Create suhosin configuration file By adding a suhosin extension to it.
# echo 'extension=suhosin.so' > /etc/php.d/suhosin.ini
Restart web server Apache, Nginx Either Lighttpd.
# service httpd restart # service nginx restart # service lighttpd restart
Install Suhosin patch using EPEL repository
First, open the EPEL repository and type the following yum command to install:
# yum install php-devel # yum install php-suhosin
Restart web server Apache, Nginx Either Lighttpd.
# service httpd restart # service nginx restart # service lighttpd restart
Verify Suhosin Patch
Type the following command to verify the installation of suhosin.
# php -v
To find more information about the suhosin patch, create the following file under the web server root directory. E.g, (/ var / www / html /).
# vi phpinfo.php
Add the following lines to it.
Now try to access the page using any web browser and enter http: //youripaddress/info.php. You will see it on the screen below.