Secure a PHP Installation with the Suhosin Security Patch on RHEL/CentOS/Fedora


Suhosin is an open source advanced protection and security patch system for PHP installations. The main goal of suhosin is to protect servers and users against known and unknown vulnerabilities and flaws in applications, including WordPress and many other PHP-based applications.

In this article we show you two ways to install the Suhosin Patch on RHEL/CentOS/Fedora systems. Please note that on some Linux distributions such as Debian and Ubuntu, suhosin is shipped by default.


The first part covers installation from source code, and the second part covers installation by enabling the third-party EPEL repository.

Part 1: Installing the Suhosin Patch from Source Code

First install the php-devel dependency package, then download the latest version of the suhosin patch using the wget command and extract it.

# yum install php-devel
# wget http://download.suhosin.org/suhosin-0.9.33.tgz
# tar -xvf suhosin-0.9.33.tgz

Next, run the following commands to compile the suhosin patch for your PHP installation.

# cd suhosin-0.9.33
# phpize
# ./configure
# make
# make install

Create the suhosin configuration file by adding the suhosin extension line to it.

# echo 'extension=suhosin.so' > /etc/php.d/suhosin.ini

Restart the Apache, Nginx or Lighttpd web server.

# service httpd restart
# service nginx restart
# service lighttpd restart

Part 2: Installing the Suhosin Patch from the EPEL Repository

Enable the EPEL repository on RHEL/CentOS systems and then run the following commands to install it. (Note: Fedora users do not need to add the EPEL repository.)

# yum install php-devel
# yum install php-suhosin

Restart the Apache, Nginx or Lighttpd web server.

# service httpd restart
# service nginx restart
# service lighttpd restart

Verify the Suhosin Patch

Type the following command to verify the suhosin installation.

# php -v
PHP 5.3.3 (cli) (built: Jul  3 2012 16:40:30)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
with Suhosin v0.9.33, Copyright (c) 2007-2012, by SektionEins GmbH
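
The same check in scripted form, for a provisioning or audit job (an added example, not part of the original article): it parses `php -v` output for the Suhosin line and confirms that the ini file has an active extension line. The function names are hypothetical, the sample text is the output shown above, and check_host assumes the php CLI is on PATH.

```shell
#!/bin/sh
# Added example, not from the original article; function names are hypothetical.

# Print the Suhosin version found in `php -v` output read on stdin.
# Exit status is non-zero when no "with Suhosin vX.Y.Z" line is present.
suhosin_version() {
    sed -n 's/^[[:space:]]*with Suhosin v\([0-9][0-9.]*\).*/\1/p' | grep .
}

# Succeed only if the ini file has an active extension line for suhosin.
# A line starting with ';' is a comment in php.ini syntax and must not count.
ini_enables_suhosin() {
    grep -Eq '^[[:space:]]*extension[[:space:]]*=[[:space:]]*"?suhosin\.so"?[[:space:]]*$' "$1" 2>/dev/null
}

# Check the live host. Assumes the php CLI is on PATH; the default ini path
# is the one created in Part 1.
check_host() {
    ini=${1:-/etc/php.d/suhosin.ini}
    command -v php >/dev/null 2>&1 || { echo "php CLI not found"; return 2; }
    ini_enables_suhosin "$ini" || echo "warning: no active extension line in $ini"
    if v=$(php -v 2>/dev/null | suhosin_version); then
        echo "Suhosin $v loaded"
    else
        echo "Suhosin NOT loaded"; return 1
    fi
}

# Constructed sample: the `php -v` output shown in this article.
SAMPLE_WITH='PHP 5.3.3 (cli) (built: Jul  3 2012 16:40:30)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
    with Suhosin v0.9.33, Copyright (c) 2007-2012, by SektionEins GmbH'

# Constructed sample: the same output when the extension is not loaded.
SAMPLE_WITHOUT=$(printf '%s\n' "$SAMPLE_WITH" | grep -v 'Suhosin')

# Demo on the constructed sample (no php needed).
printf '%s\n' "$SAMPLE_WITH" | suhosin_version   # prints 0.9.33
```

On a real host, call check_host (optionally with the ini path as its argument) after restarting the web server.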

To find out more about the suhosin patch, create the following file under your web server's document root directory, for example /var/www/html/.

# vi phpinfo.php

Add the following lines to it.

<?php
     // Show the PHP configuration, including loaded extensions
     phpinfo();
?>

Now try to access the page using any web browser by entering http://yourdomain.com/phpinfo.php. You will see the screen below.

Suhosin comes with a default configuration and works out of the box; no further changes are needed. If you want to tune it to your setup, visit the suhosin configuration page for more information.