Friday, 25 July 2008
HughesJR.com
Powered by CentOS
 
Using php-suhosin on CentOS-4 or CentOS-5
Written by Johnny Hughes   
Saturday, 11 August 2007

php-suhosin is the CentOS RPM name for the Suhosin package built from the sources provided at the Hardened PHP Project.

Suhosin's creator says: "Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core."

There are two parts to the protection provided by Suhosin. One is a patch applied to the core PHP source, which requires PHP to be recompiled. The other is a PHP module that PHP loads as an extension. Most of Suhosin's protection comes from the extension, which does not require new PHP RPMs, and the extension is all that the CentOS php-suhosin RPMs provide.

Before starting this guide, you will need a working LAMP server with at least PHP and Apache (called httpd in CentOS); MySQL may or may not be installed. See this guide for a basic LAMP server install, if required.

Installing php-suhosin

At the time of this guide, php-suhosin is in the CentOS Testing Repository, but it will probably move from there to the CentOS Extras Repository in the future.

First, let's cover installing php-suhosin from the Extras repository, as this is where stable CentOS RPMs reside (this currently does not work, but will be the normal install method in the future). To install php-suhosin, simply use this command:

yum install php-suhosin


While php-suhosin is in the CentOS Testing Repository, you must first download the CentOS-Testing.repo file (CentOS-5 or CentOS-4) and place it in the /etc/yum.repos.d/ directory on your server. After the repo file is in place, use this command to install php-suhosin from the CentOS Testing Repository:

#for CentOS 5
yum --enablerepo=c5-testing install php-suhosin

or

#for CentOS-4 Plus version of php
yum --enablerepo=c4-testing install php-suhosin

or

#for CentOS-4 normal (base) PHP
yum --enablerepo=c4-testing --exclude='*plus*' install php-suhosin

Configuring php-suhosin

The configuration file for php-suhosin is named suhosin.ini and is located in the /etc/php.d directory. The default file contains only the line:

extension=suhosin.so

Look at the Suhosin website for all the default and optional settings for php-suhosin.

One issue that seems to happen frequently is that many PHP programs (including the XOOPS CMS packages) need to have this line added to the suhosin.ini file:

suhosin.session.encrypt = Off

The symptom that makes it necessary to disable this option is that users cannot log in to your website.
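
The check below is an added example, not part of the original guide or the Suhosin project: it reads a suhosin.ini and reports whether the extension line is active and whether session encryption is still on, so the login workaround above stays visible in an audit. The function names and the sample file are constructed for illustration, and an unset suhosin.session.encrypt is treated as On, Suhosin's default.

```shell
# Print the effective value of KEY in an ini FILE (last uncommented assignment
# wins); exit status 1 means the key is not set at all.
ini_value() {
    awk -v key="$2" '
        /^[ \t]*;/ { next }                      # whole-line ";" comment
        {
            eq = index($0, "="); if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            sub(/[ \t]*;.*$/, "", v)             # trailing comment
            gsub(/^[ \t"]+|[ \t"]+$/, "", v)     # blanks and quotes
            if (k == key) { val = v; found = 1 }
        }
        END { if (!found) exit 1; print val }
    ' "$1"
}

# PHP ini boolean: on/yes/true or a non-zero number is on, anything else is off.
ini_bool() {
    case "$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" in
        on|yes|true|[1-9]*) echo on ;;
        *)                  echo off ;;
    esac
}

# Report whether FILE loads the extension and whether session encryption is on.
suhosin_audit() {
    if ! grep -Eq '^[[:space:]]*extension[[:space:]]*=[[:space:]]*"?suhosin\.so"?[[:space:]]*(;.*)?$' "$1"; then
        echo "not-loaded"; return 1
    fi
    # Unset key: assume the Suhosin default, which is On.
    if v=$(ini_value "$1" suhosin.session.encrypt); then enc=$(ini_bool "$v"); else enc=on; fi
    echo "loaded session.encrypt=$enc"
}

# Constructed sample: the default file from this guide plus the login workaround.
sample=$(mktemp)
printf '%s\n' 'extension=suhosin.so' \
    'suhosin.session.encrypt = Off ; XOOPS login fix' > "$sample"
suhosin_audit "$sample"
rm -f "$sample"
```

On the server, run suhosin_audit /etc/php.d/suhosin.ini; once the extension line is active, php -m should also list suhosin.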

Links

Suhosin: Website | Configuration 

Other Suhosin Guides: Fedora7

Last Updated ( Saturday, 11 August 2007 )
 
© 2008 HughesJR.com