Suhosin for PHP in EasyApache 4 (EA4)
Completed
As a server administrator I want Suhosin for all available PHP versions in EasyApache 4 (EA4) so that I can better mitigate malicious PHP activity and better protect my systems. Prior to EA4 we could find Suhosin in both stock EasyApache 3 (EA3) and the Hardened PHP (alt-php) packages from CloudLinux, but after migrating to EasyApache 4 Suhosin support was lost. Please bring back support for Suhosin so there is improved feature parity in EA4 when compared to its predecessor, EA3. I do not want to rely solely on other mechanisms like ModSecurity which are not consistently supported (e.g., mod_security not available when using ITK or ruid2).
This has been released and is now available in EasyApache4. You can see the package listed in the changelog for 2017-04-18
https://documentation.cpanel.net/display/EA4/EasyApache+4+Change+Log
I understand that if an older version of PHP is not supported in the latest suhosin, a different version of suhosin could be used for that specific PHP version, which I believe is what the CloudLinux HardenedPHP (alt-php) packages offer. At a minimum, I think EA4 should include the latest suhosin in the versions of PHP that the latest suhosin supports, and then if an older PHP version requires an older suhosin version, to consider supplying that older suhosin version in the older PHP version, or determine if HardenedPHP packages might be able to fill in the gaps for those needing legacy PHP support.
Suhosin is supported in EasyApache3, why would it not be supported in EasyApache4? Seems like a great idea to me and well worth the effort given the added security it offers.
The absence of Suhosin is my only obstacle to the use of EasyApache 4.
Suhosin has always been offered in cPanel.
I have serious security problems with the use of eval.
I need Suhosin in cPanel.
This is another of many examples in which cPanel has not been considerate of the community in the change, almost forced, towards EA4. It is incredible that cPanel so arbitrarily removes one system to replace another, eliminating features so necessary for its tens of thousands of customers.
Yes... it is important. I upgraded 3 servers to EasyApache without Suhosin and 2 Joomlas had been compromised.
We're also waiting for Suhosin support in EA4; meanwhile we're going to keep EA3.
We have more than 50 shared hosting servers in BenzaHosting. We have only migrated 5 with EA4. We do not want to continue migrating to EA4 for not having suhosin
Hi,
We'll be building out php-suhosin for EA4 here shortly. I've created case EA-5847 to track this. When we've started working on it, I'll be sure to update this feature request.
Thanks to all for your feedback!
I built these packages over the weekend for suhosin. You can install php-suhosin for PHP54 - PHP56 off the EA4-experimental repository now. Once we receive feedback on how it works, we'll promote this package to our EA4 mainline repositories.
Make sure to replace '##' with 54 for PHP version 5.4, for example.
You can read more about the experimental repo here:
https://documentation.cpanel.net/display/EA4/The+Experimental+Repository