If you want to see the steps I based this on, see the Apache Friends Support Forum page.
The steps:
1.- Download the php5-suhosin extension from Debian.
2.- Extract the "suhosin.so" library from the package and copy it to:
/opt/lampp/lib/php/extensions/no-debug-non-zts-20090626
3.- Add the extension to "php.ini":
extension=suhosin.so
4.- Add the options to the "Module Settings" section of "php.ini" and configure them to taste.
As an example, here is part of the "php.ini":
;oci8mark
;extension-suhosin
extension=suhosin.so

;;;;;;;;;;;;;;;;;;;
; Module Settings ;
;;;;;;;;;;;;;;;;;;;

[Date]
; Defines the default timezone used by the date functions
; http://php.net/date.timezone
date.timezone = America/Caracas

[suhosin]
; Logging Configuration
;suhosin.log.syslog =
;suhosin.log.syslog.facility = 9
;suhosin.log.syslog.priority = 1
;suhosin.log.sapi =
;suhosin.log.script = 0
;suhosin.log.phpscript = 0
;suhosin.log.script.name =
;suhosin.log.phpscript.name =
;suhosin.log.use-x-forwarded-for = off

; Executor Options
;suhosin.executor.max_depth = 0
;suhosin.executor.include.max_traversal = 0
;suhosin.executor.include.whitelist =
;suhosin.executor.include.blacklist =
;suhosin.executor.include.allow_writable_files = on
;suhosin.executor.func.whitelist =
;suhosin.executor.func.blacklist =
;suhosin.executor.eval.whitelist =
;suhosin.executor.eval.blacklist =
;suhosin.executor.disable_eval = off
;suhosin.executor.disable_emodifier = off
;suhosin.executor.allow_symlink = off

; Misc Options
;suhosin.simulation = off
;suhosin.apc_bug_workaround = off
;suhosin.sql.bailout_on_error = off
;suhosin.sql.user_prefix =
;suhosin.sql.user_postfix =
;suhosin.multiheader = off
;suhosin.mail.protect = 0
;suhosin.memory_limit = 0

; Transparent Encryption Options
;suhosin.session.encrypt = on
;suhosin.session.cryptkey =
;suhosin.session.cryptua = on
;suhosin.session.cryptdocroot = on
;suhosin.session.cryptraddr = 0
;suhosin.session.checkraddr = 0
;suhosin.cookie.encrypt = on
;suhosin.cookie.cryptkey =
;suhosin.cookie.cryptua = on
;suhosin.cookie.cryptdocroot = on
;suhosin.cookie.cryptraddr = 0
;suhosin.cookie.checkraddr = 0
;suhosin.cookie.cryptlist =
;suhosin.cookie.plainlist =

; Randomness
;suhosin.srand.ignore = on
;suhosin.mt_srand.ignore = on

; Filtering Options
;suhosin.filter.action =
;suhosin.cookie.max_array_depth = 100
;suhosin.cookie.max_array_index_length = 64
;suhosin.cookie.max_name_length = 64
;suhosin.cookie.max_totalname_length = 256
;suhosin.cookie.max_value_length = 10000
;suhosin.cookie.max_vars = 100
;suhosin.cookie.disallow_nul = on
;suhosin.get.max_array_depth = 50
;suhosin.get.max_array_index_length = 64
;suhosin.get.max_name_length = 64
;suhosin.get.max_totalname_length = 256
;suhosin.get.max_value_length = 512
;suhosin.get.max_vars = 100
;suhosin.get.disallow_nul = on
;suhosin.post.max_array_depth = 100
;suhosin.post.max_array_index_length = 64
;suhosin.post.max_name_length = 64
;suhosin.post.max_totalname_length = 256
;suhosin.post.max_value_length = 1000000
;suhosin.post.max_vars = 1000
;suhosin.post.disallow_nul = on
;suhosin.request.max_array_depth = 100
;suhosin.request.max_array_index_length = 64
;suhosin.request.max_totalname_length = 256
;suhosin.request.max_value_length = 1000000
;suhosin.request.max_vars = 1000
;suhosin.request.max_varname_length = 64
;suhosin.request.disallow_nul = on
;suhosin.server.encode = on
;suhosin.server.strip = on
;suhosin.upload.max_uploads = 25
;suhosin.upload.disallow_elf = on
;suhosin.upload.disallow_binary = off
;suhosin.upload.remove_binary = off
;suhosin.upload.verification_script =
;suhosin.session.max_id_length = 128
;suhosin.coredump = off
;suhosin.protectkey = 1
;suhosin.stealth = 1
;suhosin.perdir = "0"
I took the configuration options from the php5-suhosin package itself; all that remains is to set them to taste.
You can also read the documentation at hardened-php.net.
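Steps 2 to 4 as shell functions, with a check of what the resulting "php.ini" actually enables. This is an added example, not part of the original post: the function names are hypothetical, it assumes dpkg-deb is installed, and it locates suhosin.so inside the unpacked package with find instead of assuming its path.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Function names are hypothetical.
# Usage (after sourcing this file, with write access to the XAMPP tree):
#   install_suhosin <path-to-php5-suhosin.deb>
#   suhosin_enabled <php.ini> && active_directives <php.ini>

EXT_DIR=/opt/lampp/lib/php/extensions/no-debug-non-zts-20090626  # path from the post

# Step 2: unpack the .deb into a temp dir and copy suhosin.so into EXT_DIR.
install_suhosin() {
    local deb="$1" dest="${2:-$EXT_DIR}" tmp so rc
    [ -d "$dest" ] || { echo "extension dir missing: $dest" >&2; return 1; }
    tmp=$(mktemp -d) || return 1
    dpkg-deb -x "$deb" "$tmp" || { rm -rf "$tmp"; return 1; }
    # Find the library wherever the package placed it.
    so=$(find "$tmp" -type f -name suhosin.so | head -n 1)
    if [ -z "$so" ]; then
        echo "suhosin.so not found in $deb" >&2
        rm -rf "$tmp"
        return 1
    fi
    install -m 0644 "$so" "$dest/suhosin.so"
    rc=$?
    rm -rf "$tmp"
    return $rc
}

# Step 3 check: succeeds only if an UNCOMMENTED extension=suhosin.so line exists.
suhosin_enabled() {
    grep -Eq '^[[:space:]]*extension[[:space:]]*=[[:space:]]*"?suhosin\.so"?[[:space:]]*$' "$1"
}

# Step 4 check: print the suhosin.* directives that are not commented out.
# Anything still prefixed with ";" is ignored by PHP, so Suhosin's built-in
# default applies for that directive.
active_directives() {
    grep -E '^[[:space:]]*suhosin\.[A-Za-z0-9_.-]+[[:space:]]*=' "$1" \
        | sed -E 's/^[[:space:]]+//'
}
```

Run against the excerpt above, suhosin_enabled succeeds and active_directives prints nothing, because every suhosin.* line in it is still commented out.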