Ubuntu PHP hardening with Suhosin
Ubuntu includes the PHP Suhosin patches…
Install the Suhosin extension
aptitude install php5-suhosin
/etc/php5/{apache2,cli,cgi}/php.ini
; suhosin parameters
suhosin.executor.include.max_traversal = 4
suhosin.executor.disable_eval = On
suhosin.executor.disable_emodifier = On
suhosin.mail.protect = 2
suhosin.sql.bailout_on_error = On
Restart Apache
service apache2 restart
Some login scripts may require suhosin.session.encrypt to be set to Off.
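To confirm that each php.ini actually carries the settings above after editing, the following shell audit is an added example, not part of the original note. The helper names ini_get, norm and audit_ini are hypothetical; the script reads the ini files only and does not query the running PHP.

```shell
# Expected values: the five directives from the php.ini snippet on this page.
EXPECTED='suhosin.executor.include.max_traversal=4
suhosin.executor.disable_eval=On
suhosin.executor.disable_emodifier=On
suhosin.mail.protect=2
suhosin.sql.bailout_on_error=On'

# ini_get FILE KEY: print the effective value of KEY (last assignment wins,
# ';' comment lines skipped, blanks and double quotes trimmed); status 1 if unset.
ini_get() {
    awk -v key="$2" '
        /^[ \t]*;/ { next }
        { eq = index($0, "="); if (eq == 0) next
          k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
          sub(/[ \t]*;.*$/, "", v)   # trailing comment (these values never contain ";")
          gsub(/^[ \t]+|[ \t\r]+$/, "", k); gsub(/^[ \t"]+|[ \t\r"]+$/, "", v)
          if (k == key) { val = v; found = 1 } }
        END { if (!found) exit 1; print val }' "$1"
}

# norm VALUE: fold PHP ini boolean spellings to 1/0 so "On", "1", "true" compare equal.
norm() {
    case "$(printf '%s' "$1" | tr 'A-Z' 'a-z')" in
        on|true|yes|1) echo 1 ;;
        off|false|no|none|0|'') echo 0 ;;
        *) printf '%s\n' "$1" ;;
    esac
}

# audit_ini FILE: report each directive that is missing or differs; the exit
# status is the number of findings (0 = file matches the settings on this page).
audit_ini() {
    fails=0
    for pair in $EXPECTED; do
        key=${pair%%=*}; want=${pair#*=}
        if got=$(ini_get "$1" "$key"); then
            [ "$(norm "$got")" = "$(norm "$want")" ] && continue
            echo "MISMATCH $key = $got (expected $want)"
        else
            echo "MISSING  $key (expected $want)"
        fi
        fails=$((fails + 1))
    done
    return "$fails"
}

# Audit each SAPI's php.ini named on this page, where present.
for f in /etc/php5/apache2/php.ini /etc/php5/cli/php.ini /etc/php5/cgi/php.ini; do
    if [ -f "$f" ]; then echo "== $f"; audit_ini "$f" || true; fi
done
```

A commented-out directive is reported as MISSING, and a directive assigned twice is judged by its last assignment.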