Saturday, 21 May 2011

Improve PHP Security – Part I. Add Suhosin to PHP

Test PHP
Before we install anything, let’s see if PHP is working
php - v

Download Suhosin
This will download the archive, extract it to /opt and delete the original archive
tar -xzf suhosin-
rm suhosin-
mv suhosin- /opt/suhosin-

Install Suhosin
This will... install Suhosin :)
cd /opt/suhosin-
make install
echo '' > /etc/php.d/suhosin.ini
/etc/init.d/httpd restart

Test PHP again :)
Now you should have “with Suhosin...”
php - v

Good, let’s restrict open_basedir (let’s not let PHP files have access to all your files on the server)!

No comments:

Post a Comment