This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

suhosin alternatives
#1
suhosin alternatives
I want to very update to php 7, is suhosin was giving some bugs in my apache, so decide to take it out is to switch to php 7.0, what suggestions have substitudes?   Huh
Reply
Thanks given by:
#2
RE: suhosin alternatives
(01-06-2017, 12:31 PM)Douglasgomes Wrote: I want to very update to php 7, is suhosin was giving some bugs in my apache, so decide to take it out is to switch to php 7.0, what suggestions have substitudes?   Huh

What version of SUHOSIN were you using? SENTORA 1.03's installer I think is still using 0.3.7.1 of SUHOSIN. Its current level is 0.3.8 and works without incident on PHP 5.6.29. Alternatives are something on the roadmap so you would have to ask one of the developers or folks with years in the project to find out what is compatible. From reading the roadmap the other day, it appears SuExecute is on the list, but that should require some doing I would think to work inside of the SENTORA framework.

I wrote a small guide that you can cut and paste into a terminal and install SUHOSIN in seconds and in a few other seconds, set up the ini file correctly for CentOS/Apache and the parsed php.d folder. That guide is here.

Let me know if you have any questions regarding it if you decide to use it.

Douglas
Everyone makes mistakes, but to truly screw up it takes the root password!
Reply
Thanks given by:
#3
RE: suhosin alternatives
BTW, if it matters any, while not supported by any of the developers, I have been using php5.6.29 for some time and have had zero issues with it. I would also not reccomend php7 for anything but a personal machine as there still are major compatibility issues with gobs of server side software (likely could be some issues with SENTORA too; ask around...)

I was going to write a 3,000 page guide on how to install SENTORA with php5.6.29, ffmpeg, ffmpeg-php, imagick and a handful of other extras, but won't likely do so until someone here gives me the go ahead. My servers must have newly compiled codecs and such for my purposes, that is why I updated php even though the development team does not endorse it. There is a whole lot of work that goes into making the change done right and I have run into no issues now that I have the procdure and requirements down 100%.

Might I suggest if you want to play around with something as new as php7 perhaps to spin up a vagrant box virtual machine so that you can break it over and over again until it suits you. I have hundreds of hours of learning in my setup... (I only use CentOS for a handful of reasons) yet many people get along with Ubuntu, but you would have to figure out how to translate any guide or comments I might make if you are not using CentOS.

Also, FYI CentOS 6.8 is much more compatible with everything than 7 has become yet. Many dependencies have yet to be upgraded for CentOS 7 - and get used to compiling much of what you do. I will add that if you require things like ffmpeg, ffmpeg-php and the like in any combination on your machines, from countless hours I can tell you that to be able to compile ffmpeg and especially to get the php extension to work with daily build new stuff, even the php that ships for CentOS 7 is not new enough. The minimum (and in my opinion) the maximum for php, SENTORA and lots of shared libraies and compiling, nothing later or earlier than php56 will get you there. It takes some hours to install especially since I am compiling codecs and such, and can tell you if it takes 20 hours to set up a fresh safe server in CentOS 6.8, expect about ten fold that for CentOS 7. - Unless of course I write a 6,000 page guide to doing that!

Douglas
Everyone makes mistakes, but to truly screw up it takes the root password!
Reply
Thanks given by:
#4
RE: suhosin alternatives
PHP might work for sure but as long suhosin is not installed, it's not secure.

The only alternative is to change the stack behind it.

M B
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Freelance AWS Certified Architect & SysOps// DevOps

10$ free to start your VPS
Reply
Thanks given by:
#5
RE: suhosin alternatives
(01-06-2017, 11:53 PM)Me.B Wrote: PHP might work for sure but as long suhosin is not installed, it's not secure.

The only alternative is to change the stack behind it.

M B

Do you mean you know php7 is compatible with everything? It may be compatible with SENTORA, but it is still not compatible with tons of packages people might want to install on their servers.

Also my post confirms php5.6.29 and suhosin 0.3.8.x work perfectly if you follow the instructions and simply install it after you upgrade as I noted in the other post. The reason I did not use the method that would let me install different versions of php on your own vanilla php version in SENTORA is that it is silly to update for your hosting and continue to use grossly outdated php for SENTORA. I did all of the footwork so all of php gets updated and while you may disagree, with it working properly and updating without conflicts (there are some things to do to accomplish this...) it seemed to me the right thing to do. I still say php7 is too new, but if a person vets what they are going to install entirely on php7 first and it works, then well good deal. I have not found that to be the case at all though here.

Douglas
Everyone makes mistakes, but to truly screw up it takes the root password!
Reply
Thanks given by:
#6
RE: suhosin alternatives
PHP 7 is not secure with sentora as we miss suhosin sandboxing.
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Freelance AWS Certified Architect & SysOps// DevOps

10$ free to start your VPS
Reply
Thanks given by: worksmarter


Possibly Related Threads…
Thread Author Replies Views Last Post
Suhosin is a dead project. How will Sentora move on to PHP 7.x? worksmarter 16 39 ,050 07-28-2019, 03:37 PM
Last Post: Ron-e
Time to give up on Suhosin? aaronlroberts 2 6 ,019 05-11-2019, 08:31 AM
Last Post: aaronlroberts
Can I remove suhosin on non sharing sentora vps? maximus___ 1 3 ,910 04-17-2019, 12:48 AM
Last Post: Me.B

Forum Jump:


Users browsing this thread: 1 Guest(s)