Overview
Suhosin (pronounced 'su-ho-shin') is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core.
Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small patch against the PHP core, that implements a few low-level protections against buffer overflows or format string vulnerabilities. The second part is a powerful PHP extension that implements numerous other protections.
Read more about Suhosin at the following link:
Installing Suhosin
Suhosin is not installed on DreamHost servers. If you'd like to run Suhosin, you'd need to create a custom installation. Please note that sudo/root privileges are not available, so the software would need to be installed locally under your Shell user.
View the following article for information on how to create and edit a file via SSH:
If any installation requires sudo privileges, you must upgrade to a Dedicated Server.
If you must run phpize during installation of any software, make sure to specify the full path depending on the version you need to use:
[server]$ /usr/local/php80/bin/phpize [server]$ /usr/local/php81/bin/phpize
[server]$ /usr/local/php82/bin/phpize
Setting Suhosin variables
You can set custom Suhosin variables within a phprc file on your server. The following articles walk you through creating a phprc file via FTP or SSH:
- Create a phprc file via FTP (easier for beginners)
- Create a phprc file via SSH (for advanced users)