CentOS / RHEL 6: Install Suhosin PHP Advanced Protection System

Suhosin is an open source patch for PHP. How do I install suhosin under CentOS / Red Hat Enterprise Linux server running on my IBM server?

Suhosin patch is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core.

Install Suhosin using source code method

The following method should work with any version of RHEL/CentOS Linux operating system. Type the following command to grab source code:
$ wget https://download.suhosin.org/suhosin-0.9.38.tar.gz
Untar it:
$ tar xvf suhosin-0.9.38.tar.gz
Compile it:
$ cd suhosin*
$ phpize
$ ./configure
$ make
$ sudo make install

Create /etc/php.d/suhosin.ini
# echo 'extension=suhosin.so' > /etc/php.d/suhosin.ini
Restart httpd server:
# service httpd restart
Verify it:
# php -v

Installation (binary method using yum)

First, turn on EPEL repo and type the following yum command to install the same:
# yum install php-suhosin
Sample outputs:

Loaded plugins: product-id, protectbase, rhnplugin
0 packages excluded due to repository protections
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package php-suhosin.x86_64 0:0.9.29-2.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
 Package             Arch           Version                 Repository    Size
 php-suhosin         x86_64         0.9.29-2.el6            epel          73 k
Transaction Summary
Install       1 Package(s)
Total download size: 73 k
Installed size: 187 k
Is this ok [y/N]: y
Downloading Packages:
php-suhosin-0.9.29-2.el6.x86_64.rpm                     |  73 kB     00:00     
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
  Installing : php-suhosin-0.9.29-2.el6.x86_64                             1/1 
Installed products updated.
  Verifying  : php-suhosin-0.9.29-2.el6.x86_64                             1/1 
  php-suhosin.x86_64 0:0.9.29-2.el6                                            


You need to edit /etc/php.d/suhosin.ini, enter:
# vi /etc/php.d/suhosin.ini
For most users the Suhosin will work out of the box without any change to the default configuration needed. However, you may need to make changes as per your setup. See this page for more information.

Restart the web server

Type the following command to restart Apache 2:
# service httpd restart
Lighttpd user type the following command:
# service lighttpd restart
Nginx user type the following command:
# service nginx restart

Test your setup

Type the following command
$ php -v
Sample outputs:

PHP 5.3.3 (cli) (built: Jun 25 2012 04:41:23) 
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
    with Suhosin v0.9.32.1, Copyright (c) 2007-2010, by SektionEins GmbH

You can also use phpinfo():


Sample output:

Fig.01: Suhosin is an open source patch for PHP

See also:

Posted by: SXI ADMIN

The author is the creator of SXI LLC and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

How to Make Website WCAG Compliant?

Next Post

Link download Kali Linux 2020.1 (ISO + Torrent)

Related Posts