Joomla, WordPress, Drupal and other popular web apps are the most common targets of web attacks these days, and not everybody updates these apps as they should to keep their websites safe from vulnerabilities. Suhosin doesn’t update your app code (that’s your responsibility), but it adds another great layer of protection against common attacks for the PHP code your apps run.
How can I install Suhosin on cPanel in order to protect my websites?
On cPanel servers the installation is pretty easy: just run this command and it will do it all for you:
/scripts/phpextensionmgr install PHPSuHosin
Verify the Suhosin installation by typing the following command:
php -v
If you see:
"with Suhosin v0.9.xx, Copyright (c) 2007-2014, by SektionEins GmbH"
Then it’s ready.
Full output example:
[[email protected]:~]php -v
PHP 5.5.29 (cli) (built: Sep 24 2015 13:47:53)
Copyright (c) 1997-2015 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2015 Zend Technologies
    with the ionCube PHP Loader v4.7.5, Copyright (c) 2002-2014, by ionCube Ltd.
    with Suhosin v0.9.36, Copyright (c) 2007-2014, by SektionEins GmbH
You can find more information by running php -i:
php -i | grep suhosin -i
Full output example:
[[email protected]:~]php -i | grep suhosin -i
with Suhosin v0.9.36, Copyright (c) 2007-2014, by SektionEins GmbH
suhosin
This server is protected with the Suhosin Extension 0.9.36
suhosin.apc_bug_workaround => Off => Off
suhosin.cookie.checkraddr => 0 => 0
suhosin.cookie.cryptdocroot => On => On
suhosin.cookie.cryptkey => [ protected ] => [ protected ]
suhosin.cookie.cryptlist => no value => no value
suhosin.cookie.cryptraddr => 0 => 0
suhosin.cookie.cryptua => On => On
suhosin.cookie.disallow_nul => 1 => 1
suhosin.cookie.disallow_ws => 1 => 1
suhosin.cookie.encrypt => Off => Off
suhosin.cookie.max_array_depth => 50 => 50
suhosin.cookie.max_array_index_length => 64 => 64
suhosin.cookie.max_name_length => 64 => 64
suhosin.cookie.max_totalname_length => 256 => 256
suhosin.cookie.max_value_length => 10000 => 10000
suhosin.cookie.max_vars => 100 => 100
suhosin.cookie.plainlist => no value => no value
suhosin.coredump => Off => Off
suhosin.disable.display_errors => Off => Off
suhosin.executor.allow_symlink => Off => Off
suhosin.executor.disable_emodifier => Off => Off
suhosin.executor.disable_eval => Off => Off
suhosin.executor.eval.blacklist => no value => no value
suhosin.executor.eval.whitelist => no value => no value
suhosin.executor.func.blacklist => no value => no value
suhosin.executor.func.whitelist => no value => no value
suhosin.executor.include.allow_writable_files => On => On
suhosin.executor.include.blacklist => no value => no value
suhosin.executor.include.max_traversal => 0 => 0
suhosin.executor.include.whitelist => no value => no value
suhosin.executor.max_depth => 0 => 0
suhosin.filter.action => no value => no value
suhosin.get.disallow_nul => 1 => 1
suhosin.get.disallow_ws => 0 => 0
suhosin.get.max_array_depth => 50 => 50
suhosin.get.max_array_index_length => 64 => 64
suhosin.get.max_name_length => 64 => 64
suhosin.get.max_totalname_length => 256 => 256
suhosin.get.max_value_length => 512 => 512
suhosin.get.max_vars => 100 => 100
suhosin.log.file => 0 => 0
suhosin.log.file.name => no value => no value
suhosin.log.phpscript => 0 => 0
suhosin.log.phpscript.is_safe => Off => Off
suhosin.log.phpscript.name => no value => no value
suhosin.log.sapi => 0 => 0
suhosin.log.script => 0 => 0
suhosin.log.script.name => no value => no value
suhosin.log.stdout => 0 => 0
suhosin.log.syslog => no value => no value
suhosin.log.syslog.facility => no value => no value
suhosin.log.syslog.priority => no value => no value
suhosin.log.use-x-forwarded-for => Off => Off
suhosin.mail.protect => 0 => 0
suhosin.memory_limit => 0 => 0
suhosin.mt_srand.ignore => On => On
suhosin.multiheader => Off => Off
suhosin.perdir => 0 => 0
suhosin.post.disallow_nul => 1 => 1
suhosin.post.disallow_ws => 0 => 0
suhosin.post.max_array_depth => 50 => 50
suhosin.post.max_array_index_length => 64 => 64
suhosin.post.max_name_length => 64 => 64
suhosin.post.max_totalname_length => 256 => 256
suhosin.post.max_value_length => 1000000 => 1000000
suhosin.post.max_vars => 1000 => 1000
suhosin.protectkey => On => On
suhosin.rand.reseed_every_request => Off => Off
suhosin.rand.seedingkey => [ protected ] => [ protected ]
suhosin.request.disallow_nul => 1 => 1
suhosin.request.disallow_ws => 0 => 0
suhosin.request.max_array_depth => 50 => 50
suhosin.request.max_array_index_length => 64 => 64
suhosin.request.max_totalname_length => 256 => 256
suhosin.request.max_value_length => 1000000 => 1000000
suhosin.request.max_varname_length => 64 => 64
suhosin.request.max_vars => 1000 => 1000
suhosin.server.encode => On => On
suhosin.server.strip => On => On
suhosin.session.checkraddr => 0 => 0
suhosin.session.cryptdocroot => On => On
suhosin.session.cryptkey => [ protected ] => [ protected ]
suhosin.session.cryptraddr => 0 => 0
suhosin.session.cryptua => Off => Off
suhosin.session.encrypt => On => On
suhosin.session.max_id_length => 128 => 128
suhosin.simulation => Off => Off
suhosin.sql.bailout_on_error => Off => Off
suhosin.sql.comment => 0 => 0
suhosin.sql.multiselect => 0 => 0
suhosin.sql.opencomment => 0 => 0
suhosin.sql.union => 0 => 0
suhosin.sql.user_postfix => no value => no value
suhosin.sql.user_prefix => no value => no value
suhosin.srand.ignore => On => On
suhosin.stealth => On => On
suhosin.upload.disallow_binary => 0 => 0
suhosin.upload.disallow_elf => 1 => 1
suhosin.upload.max_uploads => 25 => 25
suhosin.upload.remove_binary => 0 => 0
suhosin.upload.verification_script => no value => no value
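To repeat the verification later without reading the whole listing, the shell function below (an added example, not part of the original post or of the Suhosin project) parses php -i text, confirms the Suhosin banner is present, and compares selected directives with expected values. The names suhosin_audit, baseline and sample_phpinfo are hypothetical, the baseline values are copied from the output above, and the sample input is constructed.

```shell
# Constructed sample in the `php -i` format shown above; suhosin.simulation is
# set to On here (violations are logged but not blocked) to trigger a finding.
sample_phpinfo() {
cat <<'EOF'
with Suhosin v0.9.36, Copyright (c) 2007-2014, by SektionEins GmbH
suhosin.session.encrypt => On => On
suhosin.simulation => On => Off
suhosin.upload.disallow_elf => 1 => 1
EOF
}

# Expected local values (hypothetical baseline, copied from the output above).
baseline() {
cat <<'EOF'
suhosin.cookie.disallow_nul=1
suhosin.session.encrypt=On
suhosin.simulation=Off
suhosin.upload.disallow_elf=1
EOF
}

# Reads `php -i` text on stdin. Returns 0 = clean, 1 = drift, 2 = not loaded.
suhosin_audit() {
  info=$(cat)
  ver=$(printf '%s\n' "$info" | sed -n 's/^.*with Suhosin v\([0-9.]*\),.*$/\1/p' | head -n 1)
  if [ -z "$ver" ]; then
    echo "FAIL Suhosin banner not found; extension is not loaded"
    return 2
  fi
  echo "OK   Suhosin $ver loaded"
  rc=0
  # Compare each baseline directive with its local value (second column).
  while IFS='=' read -r key want; do
    got=$(printf '%s\n' "$info" | awk -F' => ' -v k="$key" '$1 == k { print $2; exit }')
    if [ -z "$got" ]; then
      echo "WARN $key missing from output"; rc=1
    elif [ "$got" != "$want" ]; then
      echo "WARN $key is $got, expected $want"; rc=1
    fi
  done <<EOF
$(baseline)
EOF
  # Columns are directive => local => master; a mismatch means an override.
  for d in $(printf '%s\n' "$info" | awk -F' => ' '/^suhosin\./ && NF == 3 && $2 != $3 { print $1 }'); do
    echo "WARN $d local value differs from master value"; rc=1
  done
  return $rc
}

sample_phpinfo | suhosin_audit || true
```

On a live server, feed it the real output instead of the sample: php -i | suhosin_audit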
After following these steps, you should be able to install Suhosin on cPanel without any problems. Please let us know if you have any errors or questions. Read more about Suhosin from the official Suhosin project page.