Suhosin Security?

Discussion in 'Linux VPS/Dedicated - cPanel' started by Yogesh Sarkar, Jun 9, 2008.

  1. Yogesh Sarkar

    Yogesh Sarkar New Member

    Came across a post on vbulletin forum about suhosin security:

    Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small patch against the PHP core, that implements a few low-level protections against bufferoverflows or format string vulnerabilities and the second part is a powerful PHP extension that implements all the other protections.

    Unlike our Hardening-Patch Suhosin is binary compatible to normal PHP installation, which means it is compatible to 3rd party binary extension like ZendOptimizer.
    ""
    http://www.hardened-php.net/suhosin.127.html

    Has anyone used it?

    If yes did it cause any problems with any script and is it actually useful?

    Would love to hear what the tech guys from knownhost think about this.
     
  2. LeMarque

    LeMarque Member

    I do.

    Sometimes it prevents editing, like in WHMCS of tlds, etc., so you can either use phpmyadmin or comment it out in the ini file and then re-enable if it causes problems.
     
  3. Dan

    Dan Moderator

    Hello Yogesh,

    I've been using it for years and have only ever seen one valid thing get stopped by it. Course everyone's got different apps and expectations so your mileage may vary.

    You can build it in using Easyapache in WHM.
     

Share This Page