How to Install PHP SuHosin on a cPanel/WHM Server

PHP Hardening – How to Install/Enable PHPSuHosin on a cPanel Server

 

What is PHP Suhosin ?

PHP is a widely used server side scripting language. Hackers can easily hack your website if there is a small vulnerability in your PHP installation. It is very difficult to recover a hacked website and the hacker might have already accessed your private information stored in the server. In webhosting field security is very important. PHPSuHosin is an open source patch and PHP extension that is used to secure PHP installations from these hackers. It is actually a protection system for PHP websites hosted on the servers, it protects all websites that have insecure coding. Suhosin comes in two independent parts, the first Part is a patch for the PHP core and the second part is PHP extension that will secure PHP. You can either use both or you can use it separately.

On a cPanel Server you can install PHP suhosin using cPanel script /scripts/phpextensionmgr OR you can run easyapache to enable PHPSuHosin Protection.
 

 
How to check whether PHP Suhosin is already enabled on your cPanel/WHM Server.

Run the below command to check whether PHP suhosin is already installed on your Linux Server
 

root@server [~]# php -m | grep -i suhosin —-> PHP suhosin not installed on this cPanel Server.
root@server [~]#

root@server [~]# php -m | grep suhosin —–> PHP suhosin is installed on this cPanel Server.
suhosin

 

Command to Check whether PHP Suhosin is installed

Command to Check whether PHP Suhosin is installed

PHP suhosin is not installed on the above cPanel Server. If PHP suhosin is already installed then there is no need to do the below steps.

You can also check PHP Suhosin by creating a phpinfo file under your website.
 

 
Steps to Install PHP suhosin Protection on cPanel/WHM Server

Log into your cPanel Server via SSH as root and do the below steps to install PHPSuHosin.

By default PHP suhosin will not be enabled on cPanel servers.
 

 
METHOD 1 :

Install PHP Suhosin using cPanel script “phpextensionmgr”.

This method is very easy and it will take only few seconds to Install.

Command : /scripts/phpextensionmgr install PHPSuHosin
 

=========================
root@server [~]# /scripts/phpextensionmgr install PHPSuHosin
Installing PHPSuHosin
Determining PHP version
Configuring for:
PHP Api Version: 20121113
Zend Module Api No: 20121212
Zend Extension Api No: 220121212
———————

Installing shared extensions: /usr/local/lib/php/extensions/no-debug-non-zts-20121212/
find . -name \*.gcno -o -name \*.gcda | xargs rm -f
find . -name \*.lo -o -name \*.o | xargs rm -f
find . -name \*.la -o -name \*.a | xargs rm -f
find . -name \*.so | xargs rm -f
find . -name .libs -a -type d|xargs rm -rf
rm -f libphp.la modules/* libs/*
SuHosin extension, version suhosin-0.9.38, activated for php version 5.5
=============================

Below command shows PHP Suhosin is enabled.
—–
root@server [~]# php -m | grep suhosin
suhosin
—–

 

 
METHOD 2 :

Run easyapache on the server to enable PHP suhosin, this method will take more time compared to above.

Command to run easy apache on Linux Server : /scripts/easyapache

Under “Exhaustive Options” You can see suhosin PHP option.

Enable php Suhosin in Easyapache

Enable php Suhosin in Easyapache

Install PHP Suhosin via Easyapache

Install PHP Suhosin via Easyapache

You might see the warning “Are you fully aware of the implications of this option and able to administer it?. Select “ok” to continue with suhosin Installation.

Install PHPsuhosin cPanel WHM Server

You can also run Easyapache from WHM frontend.

After easyapache create a phpinfo.php file under your domain to check whether suhosin is enabled on the server.

http://yourdomain.com/phpinfo.php

Phpinfo to check whether Suhosin is Enabled

Phpinfo to check whether Suhosin is Enabled

The above PHP info file shows suhosin is enabled.