PHP Security through Suhosin or Hardening PatchBy Angsuman Chakraborty, Gaea News Network
Monday, March 3, 2008
Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small patch against the PHP core, that implements a few low-level protections against bufferoverflows or format string vulnerabilities and the second part is a powerful PHP extension that implements all the other protections.
Unlike the PHP Hardening-Patch Suhosin is binary compatible to normal PHP installation, which means it is compatible to 3rd party binary extension like ZendOptimizer.
- Suhosin site
Do you know about Suhosin? Have you used Suhosin or PHP Hardening Patch? Would you recommend it and what are the caveats, if any? Please let us know and discuss it in the forum.