Ubuntu PHP hardening with Suhosin
Posted on Wed 28 July 2010 in Linux • 1 min read
Ubuntu includes the PHP Suhosin patches.
Install the Suhosin extension:
aptitude install php5-suhosin
Add the following to /etc/php5/{apache2,cli,cgi}/php.ini:
; suhosin parameters
suhosin.executor.include.max_traversal = 4
suhosin.executor.disable_eval = On
suhosin.executor.disable_emodifier = On
suhosin.mail.protect = 2
suhosin.sql.bailout_on_error = On
Restart Apache:
service apache2 restart
Some login scripts may require suhosin.session.encrypt to be set to Off.
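Because the same block has to be added to up to three php.ini files, it is easy to harden one SAPI and miss another. The following check is an added example, not part of the original post: it reads each php.ini under a base directory and reports any of the five directives above that is missing or set to a different value. The function names (ini_value, audit_suhosin) and the base-directory argument are assumptions, and only the php.ini files the post edits are inspected.

```shell
# Added example (not from the original post): audit php.ini files for the
# Suhosin directives listed above. Directive names and values come from the
# post; the function names and the directory argument are assumptions.

# Expected settings, one "name=value" per line (values lowercased).
SUHOSIN_EXPECTED='suhosin.executor.include.max_traversal=4
suhosin.executor.disable_eval=on
suhosin.executor.disable_emodifier=on
suhosin.mail.protect=2
suhosin.sql.bailout_on_error=on'

# Print the value of directive $2 in ini file $1, lowercased.
# Comment lines (;) are skipped; if a directive appears twice the last wins.
ini_value() {
    awk -v key="$2" '
        /^[ \t]*;/ { next }
        {
            name = $0; sub(/=.*/, "", name); gsub(/[ \t]/, "", name)
            if (name != key || index($0, "=") == 0) next
            val = substr($0, index($0, "=") + 1)
            sub(/;.*/, "", val); gsub(/[ \t"\r]/, "", val)
            found = tolower(val)
        }
        END { print found }
    ' "$1"
}

# Check <base>/{apache2,cli,cgi}/php.ini; print one line per problem.
# Missing files are skipped (that SAPI is not installed).
# Returns 0 when every file present carries all expected values, else 1.
audit_suhosin() {
    base=$1; rc=0
    for sapi in apache2 cli cgi; do
        ini="$base/$sapi/php.ini"
        if [ ! -f "$ini" ]; then echo "SKIP $ini (not present)"; continue; fi
        for pair in $SUHOSIN_EXPECTED; do
            key=${pair%%=*}; want=${pair#*=}
            got=$(ini_value "$ini" "$key")
            if [ "$got" != "$want" ]; then
                echo "FAIL $ini: $key is '${got:-unset}', expected '$want'"
                rc=1
            fi
        done
    done
    return $rc
}

# Usage: audit_suhosin /etc/php5
```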