Suhosin (수호신) is a Korean word that means “guardian-angel”, originally developed by Stefan Esser, a German developer who loves Korean language.
Originated from the Hardened-PHP project, Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core.
There are 2 parts in Suhosin:
- Patch to PHP that hardens the Zend engine to protect from possible buffer overflows and related vulnerabilities.
- Standalone Suhosin extension module for PHP to provide many security features that are not present in PHP itself.
Some of the features of Suhosin are:
- Logging of errors to syslog or arbitrary logfiles
- Create blacklists and whitelists per virtual host
- Filter on GET and POST requests, file uploads, and cookies
- Transparent encryption of sessions and cookies
- Set memory limits
- ... and many more
For more information about downloading and installing Suhosin, click here.