php-suhosin is the CentOS RPM name for the Suhosin package built from the sources provided by the Hardened-PHP Project. Suhosin's creator says: "Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core."

There are two parts to the protection provided by Suhosin. One is a patch that is applied to the core PHP source, which requires PHP to be recompiled. The other is a PHP module that PHP loads as an extension. Most of the protection provided by Suhosin comes from the extension, which does not require new PHP RPMs, and the extension is all that the CentOS php-suhosin RPMs provide.

Before starting this guide, you will need a working LAMP server with at least PHP and Apache (called httpd in CentOS); MySQL may or may not be installed. See this guide for a basic LAMP server install, if required.
Installing php-suhosin
At the time of this guide, php-suhosin is in the CentOS Testing Repository, but it will probably move from there to the CentOS Extras Repository in the future.

First, let's cover installing php-suhosin from the Extras repository, as this is where stable CentOS RPMs reside (this currently does not work, but will be the normal install method in the future). To install php-suhosin, simply use this command:

    yum install php-suhosin

While php-suhosin is in the CentOS Testing Repository, you must first download the CentOS-Testing.repo file (CentOS-5 or CentOS-4) and place it in the /etc/yum.repos.d/ directory on your server. After the repo file is in place, use one of these commands to install php-suhosin from the CentOS Testing Repository:

    # for CentOS 5
    yum --enablerepo=c5-testing install php-suhosin

or

    # for CentOS-4 Plus version of PHP
    yum --enablerepo=c4-testing install php-suhosin

or

    # for CentOS-4 normal (base) PHP
    yum --enablerepo=c4-testing --exclude='*plus*' install php-suhosin

Configuring php-suhosin

The configuration file for php-suhosin is named suhosin.ini and is located in the /etc/php.d directory. The default file contains only the line:

    extension=suhosin.so

Look at the Suhosin website for all the default and optional settings for php-suhosin.

One issue that comes up frequently is that many PHP programs (including the xoops CMS packages) need to have this line added to the suhosin.ini file:

    suhosin.session.encrypt = Off

The symptom that makes disabling this option necessary is that users cannot log in to your website.

Links

Suhosin: Website | Configuration
Other Suhosin Guides: Fedora7
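The suhosin.ini change from the Configuring section, as an added example (not part of the original guide or the Suhosin project): a shell function that sets one directive exactly once and leaves the extension line and every other setting alone. The function names and the temporary demo file are assumptions made for this example.

```shell
#!/bin/sh
# Added example: idempotent edit of a Suhosin ini file (path is passed in).

# set_suhosin_directive FILE KEY VALUE
# Leaves exactly one active "KEY = VALUE" line in FILE and keeps every other line.
set_suhosin_directive() {
    [ -f "$1" ] || { echo "no such file: $1" >&2; return 1; }
    tmp=$(mktemp) || return 1
    awk -v key="$2" -v value="$3" '
        {
            line = $0
            sub(/^[ \t]*;?[ \t]*/, "", line)   # ignore indentation and a leading ";"
            name = line
            sub(/[ \t]*=.*$/, "", name)        # text before the first "="
            if (index(line, "=") > 0 && name == key) {
                if (!done) { print key " = " value; done = 1 }
                next                           # drop stale or duplicate entries
            }
            print
        }
        END { if (!done) print key " = " value }
    ' "$1" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Write through the existing file so its owner, mode and SELinux label stay.
    cat "$tmp" > "$1"
    rm -f "$tmp"
}

# get_suhosin_directive FILE KEY
# Prints the value of the last active (uncommented) KEY line, or nothing.
get_suhosin_directive() {
    awk -v key="$2" '
        /^[ \t]*;/ { next }
        index($0, "=") > 0 {
            name = $0; sub(/[ \t]*=.*$/, "", name); sub(/^[ \t]+/, "", name)
            if (name == key) { val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val) }
        }
        END { if (val != "") print val }
    ' "$1"
}

# Demo on a constructed copy, not on /etc/php.d/suhosin.ini itself.
demo=$(mktemp)
printf 'extension=suhosin.so\n;suhosin.session.encrypt = On\n' > "$demo"
set_suhosin_directive "$demo" suhosin.session.encrypt Off
cat "$demo"
rm -f "$demo"
```

After changing the real file, restart httpd so PHP rereads /etc/php.d.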