Protect PHP Installation with Suhosin Security Patch in RHEL / CentOS / Fedora
Suhosin is an open source advanced security and protection patch system for PHP installation. The main goal of suhosin is to protect servers and users against various unknown vulnerabilities and other known and unknown flaws in applications including WordPress and many other php based applications.
In this article we will show you two methods for installing Suhosin Patch under RHEL / CentOS / Fedora systems. Please note in some Linux distributions like Debian and Ubuntu, suhosin shipped by default.
See also : Protect Linux Servers with LMD (Linux Malware Detect)
The first part includes using source code installation and the second part instillation is by turning on third party epel repository.
Part 1: Installing Suhosin Patch using Source Code
First install dependency package php-devel and then download latest version of suhosin patch using wget command and unpack it.
# yum install php-devel # wget http://download.suhosin.org/suhosin-0.9.33.tgz # tar -xvf suhosin-0.9.33.tgz
Next, run the following commands to compile suhosin patch for php installation.
# cd suhosin-0.9.33 # phpize # ./configure # make # make install
Create the suhosin configuration file by adding suhosin extension to it.
# echo 'extension=suhosin.so' > /etc/php.d/suhosin.ini
Restart the web server Apache, Nginx or Lighttpd.
# service httpd restart # service nginx restart # service lighttpd restart
Part 2: Installing Suhosin Patch using EPEL repository
Turn on EPEL repository under RHEL / CentOS systems and then run the following command to install it. (Note : Fedora user’s don’t need to add epel repository).
# yum install php-devel # yum install php-suhosin
Restart the web server Apache, Nginx or Lighttpd.
# service httpd restart # service nginx restart # service lighttpd restart
Verify Suhosin Patch
Type the following command to verify suhosin installation.
# php -v
PHP 5.3.3 (cli) (built: Jul 3 2012 16:40:30) Copyright (c) 1997-2010 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies with Suhosin v0.9.33, Copyright (c) 2007-2012, by SektionEins GmbH
To find out more information about suhosin patch create the following file under your web server root directory. For example, (/var/www/html/).
# vi phpinfo.php
Add the following lines to it.
<?php phpinfo (); ?>
Now try to access the page using any web browser and type http://yourdomain.com/phpinfo.php. You will see below screen.
Suhosin comes with default configuration and works out of the box, no further changes needed. But if you would like configure it according to your setup, then visit the suhosin configurate page for more information.
PHP 5.1 için ne yapmalıyız
make install
Installing shared extensions: /usr/lib64/php/modules/
?
guys, this is not about a Suhosin *Patch*, it’s just about its extension :)
I got this error. Any thing I missed?
/root/suhosin-0.9.33/suhosin.c: In function âsuhosin_register_cookie_variableâ:
/root/suhosin-0.9.33/suhosin.c:649: error: âstruct _php_core_globalsâ has no member named âmagic_quotes_gpcâ
/root/suhosin-0.9.33/suhosin.c:686: error: âstruct _php_core_globalsâ has no member named âmagic_quotes_gpcâ
/root/suhosin-0.9.33/suhosin.c: In function âsuhosin_register_cookie_variable_safeâ:
/root/suhosin-0.9.33/suhosin.c:717: error: âstruct _php_core_globalsâ has no member named âmagic_quotes_gpcâ
make: *** [suhosin.lo] Error 1
@Ketan,
Can you tell me which PHP version you are running? Suhosin patch is not yet compatible with php 5.4. It will work with upto 5.3 only.
Ah. Thats explain it. I am using 5.4++. Thanks. :)