Installing Suhosin by Patching PHP Source

October 2009 • By admin • cPanel

Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core.

For more information about PHP, visit http://www.php.net/.

Download Suhosin

Before patching, you need to download the Suhosin patch from the official website. Always verify the MD5 hash of the downloaded files to ensure integrity.

Patch PHP

First, download the PHP source code. Then apply the Suhosin patch:

cd /usr/local/src
wget http://www.php.net/distributions/php-x.x.x.tar.bz2
tar xjf php-x.x.x.tar.bz2
cd php-x.x.x
patch -p1 -i /path/to/suhosin-patch-x.x.x-xx.patch

Compile PHP with Suhosin

./configure --with-suhosin [other options]
make
make install

Verify Installation

After compilation, verify Suhosin is loaded:

php -v

The output should include "with Suhosin-Patch" to confirm it was applied correctly.

Configure Suhosin

Add Suhosin configuration to your php.ini:

suhosin.executor.include.whitelist = phar