| Author |
|
underxp
Joined: 16 Jan 2006
Posts: 34
|
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg
|
 Posted: Sat 10 Nov '07 0:22 Post subject: |
 |
|
| Which experience do you have with suhosin? |
|
| Back to top |
|
underxp
Joined: 16 Jan 2006
Posts: 34
|
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg
|
| Posted: Wed 19 Mar '08 10:21 Post subject: |
|
|
I've tried it now a longer time. It reduces the speed a bit. But more worse is that PHPMyAdmin has problems with it  |
|
| Back to top |
|
NewEraCracker
Joined: 23 Aug 2010
Posts: 36
|
| Posted: Mon 23 Aug '10 4:38 Post subject: |
|
|
Any updates?
Can anyone please compile suhosin extension for php 5.2.14 TS VC6? |
|
| Back to top |
|
Caffeine Addict
Joined: 06 Sep 2010
Posts: 6
Location: England
|
| Posted: Fri 29 Oct '10 12:50 Post subject: Compile Request |
|
|
Could someone compile suhosin extentions for the different versions of php? I have been scouring the internet for three days now and haven't been able to find any precompiled dll extentions for windows php suhosin.
If someone that has the knowledge to do this could they possibley spend some time compiling them and i'll host them on both www.kevandrews.co.uk and on www.zpanel.co.uk. This way thousands of people will have access to suhosin for their windows based installs instantly, which i feel would be great!
Please either post back or e-mail me at kjandrews0@gmail.com to chat if you have the ability to compile this extension for windows php versions 5.2.9 and upwards  |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg
|
| Posted: Fri 29 Oct '10 15:41 Post subject: |
|
|
| Use PHP 5.3 the suhosin code has been included into the source code. |
|
| Back to top |
|
Caffeine Addict
Joined: 06 Sep 2010
Posts: 6
Location: England
|
| Posted: Fri 29 Oct '10 16:32 Post subject: |
|
|
I would but our Zpanel project uses Zend guard to stop people ripping off the main kernal files. Zend Guard only encodes up to 5.2.*.
So pratically speaking we could really do with a 5.2.* version dll made up...
Also i have seen so many posts about people wanting this for php 5.2.*... it would be very helpful for our project at zpanel and help many others secure a multi hosting enviroment... |
|
| Back to top |
|
NewEraCracker
Joined: 23 Aug 2010
Posts: 36
|
| Posted: Tue 22 Feb '11 1:08 Post subject: |
|
|
I've managed to compile suhosin for php 5.2 and 5.3 and will edit this post soon with a download link
---
Suhosin v0.9.32.1 for PHP 5.2.17+ and 5.3.5+ VC6 TS & NTS:
| Code: | | http://www.mediafire.com/file/h8x4i2a6myxkh4n/php_5.2_5.3_vc6_suhosin.zip |
---
By the way, Suhosin may break some scripts. In order to prevent that, you should uncomment the following entries and change to the values bellow:
| Code: | suhosin.session.encrypt = Off
suhosin.get.max_name_length = 512
suhosin.get.max_totalname_length = 512
suhosin.get.max_value_length = 1024
suhosin.post.max_array_index_length = 256
suhosin.post.max_name_length = 512
suhosin.post.max_totalname_length = 8192
suhosin.post.max_vars = 4096
suhosin.request.max_array_index_length = 256
suhosin.request.max_totalname_length = 8192
suhosin.request.max_vars = 4096
suhosin.request.max_varname_length = 512 |
Last edited by NewEraCracker on Tue 06 Sep '11 0:34; edited 1 time in total |
|
| Back to top |
|
darkangel
Joined: 30 Jan 2010
Posts: 5
|
| Posted: Mon 25 Jul '11 19:37 Post subject: |
|
|
| Does anyone know where I can find a VC9 build of Suhosin? |
|
| Back to top |
|
NewEraCracker
Joined: 23 Aug 2010
Posts: 36
|
| Posted: Thu 28 Jul '11 12:59 Post subject: |
|
|
I could build it. I have VC9 (2008) installed.
Just gotta download the SDK and the php 5.3 deps from windows.php.net
I'll see what I can do 
Last edited by NewEraCracker on Fri 09 Sep '11 14:17; edited 1 time in total |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg
|
| Posted: Thu 28 Jul '11 13:42 Post subject: |
|
|
| NewEraCracker wrote: |
I'll see what I can do |
AFAIK most of the Suhosin patch has been integrated into 5.3. Also the last patch is for PHP 5.1.4 .... |
|
| Back to top |
|
darkangel
Joined: 30 Jan 2010
Posts: 5
|
| Posted: Thu 28 Jul '11 13:58 Post subject: |
|
|
| NewEraCracker wrote: | I could build it. I have VC9 (2008) installed.
Just gotta download the SDK and the php 5.3 deps from windows.php.net
I'll see what I can do |
That's very kind of you, NewEraCracker, but don't worry too much, as I don't really need it anymore. I needed it to test an issue I was having with sessions, but I fixed the problem another way.
Regards,
_da. |
|
| Back to top |
|
NewEraCracker
Joined: 23 Aug 2010
Posts: 36
|
| Posted: Fri 29 Jul '11 15:02 Post subject: |
|
|
Suhosin Extension is still cool to protect of typical nullbyte issues and other issues php doesn't have protection built-in.
I'll do this today, just grabbing the sdk
---
Done 
Suhosin Extension v0.9.32.1 for PHP 5.3.6+ TS VC9
Build cmd:
| Code: | | configure --disable-all --enable-cli --enable-session --enable-zlib --enable-object-out-dir="." --enable-one-shot --enable-suhosin="shared" |
It should work in php 5.3.x official windows.php.net TS VC9 builds.
| Code: | | http://www.mediafire.com/file/bcesd9ezkt96v66/php_suhosin-0.9.32.1-5.3-ts-vc9.zip |
|
|
| Back to top |
|
NewEraCracker
Joined: 23 Aug 2010
Posts: 36
|
| Posted: Tue 06 Sep '11 0:36 Post subject: |
|
|
I've found some issues with phpmyadmin using suhosin in php
I've updated this post with a more relaxed configuration in order to fix any issues. |
|
| Back to top |
|
puertoblack2003
Joined: 31 Jul 2009
Posts: 121
Location: U.S
|
| Posted: Sat 24 Sep '11 6:32 Post subject: |
|
|
| NewEraCracker wrote: | I've found some issues with phpmyadmin using suhosin in php
I've updated this post with a more relaxed configuration in order to fix any issues. |
thanks this is a great security feature for my server.I hope this continues for future updates. |
|
| Back to top |
|
rockjock
Joined: 25 Mar 2011
Posts: 8
|
| Posted: Tue 28 Feb '12 4:14 Post subject: |
|
|
| Any chance of us getting a 5.3.10-compatible version of this extension? |
|
| Back to top |
|
