Protect PHP Installation with Suhosin Security Patch in RHEL / CentOS / Fedora

Suhosin is an open source advanced security and protection patch system for PHP installation. The main goal of suhosin is to protect servers and users against various unknown vulnerabilities and other known and unknown flaws in applications including WordPress and many other php based applications.

Install Suhosin in Linux

Install Suhosin Patch for PHP Installation in Linux

In this article we will show you two methods for installing Suhosin Patch under RHEL / CentOS / Fedora systems. Please note in some Linux distributions like Debian and Ubuntu, suhosin shipped by default.

See also : Protect Linux Servers with LMD (Linux Malware Detect)

The first part includes using source code installation and the second part instillation is by turning on third party epel repository.

Part 1: Installing Suhosin Patch using Source Code

First install dependency package php-devel and then download latest version of suhosin patch using wget command and unpack it.

# yum install php-devel
# wget http://download.suhosin.org/suhosin-0.9.33.tgz
# tar -xvf suhosin-0.9.33.tgz

Next, run the following commands to compile suhosin patch for php installation.

# cd suhosin-0.9.33
# phpize
# ./configure
# make
# make install

Create the suhosin configuration file by adding suhosin extension to it.

# echo 'extension=suhosin.so' > /etc/php.d/suhosin.ini

Restart the web server Apache, Nginx or Lighttpd.

# service httpd restart
# service nginx restart
# service lighttpd restart

Part 2: Installing Suhosin Patch using EPEL repository

Turn on EPEL repository under RHEL / CentOS systems and then run the following command to install it. (Note : Fedora user’s don’t need to add epel repository).

# yum install php-devel
# yum install php-suhosin

Restart the web server Apache, Nginx or Lighttpd.

# service httpd restart
# service nginx restart
# service lighttpd restart

Verify Suhosin Patch

Type the following command to verify suhosin installation.

# php -v
PHP 5.3.3 (cli) (built: Jul  3 2012 16:40:30)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
with Suhosin v0.9.33, Copyright (c) 2007-2012, by SektionEins GmbH

To find out more information about suhosin patch create the following file under your web server root directory. For example, (/var/www/html/).

# vi phpinfo.php

Add the following lines to it.

<?php

     phpinfo ();
?>

Now try to access the page using any web browser and type http://yourdomain.com/phpinfo.php. You will see below screen.

Suhosin Configuration

Suhosin Configuration Preview

Suhosin comes with default configuration and works out of the box, no further changes needed. But if you would like configure it according to your setup, then visit the suhosin configurate page for more information.

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

Support Us

We are thankful for your never ending support.

Ravi Saive

I am Ravi Saive, creator of TecMint. A Computer Geek and Linux Guru who loves to share tricks and tips on Internet. Most Of My Servers runs on Open Source Platform called Linux. Follow Me: Twitter, Facebook and Google+

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

5 Responses

  1. Alper says:

    PHP 5.1 için ne yapmalıyız

    make install
    Installing shared extensions: /usr/lib64/php/modules/

    ?

  2. PowerUser says:

    guys, this is not about a Suhosin *Patch*, it’s just about its extension :)

  3. Ketam says:

    I got this error. Any thing I missed?

    /root/suhosin-0.9.33/suhosin.c: In function âsuhosin_register_cookie_variableâ:
    /root/suhosin-0.9.33/suhosin.c:649: error: âstruct _php_core_globalsâ has no member named âmagic_quotes_gpcâ
    /root/suhosin-0.9.33/suhosin.c:686: error: âstruct _php_core_globalsâ has no member named âmagic_quotes_gpcâ
    /root/suhosin-0.9.33/suhosin.c: In function âsuhosin_register_cookie_variable_safeâ:
    /root/suhosin-0.9.33/suhosin.c:717: error: âstruct _php_core_globalsâ has no member named âmagic_quotes_gpcâ
    make: *** [suhosin.lo] Error 1

Leave a Reply to Alper Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.