From the thread: How to install php 5.6 on centos 6/7 working 100%
Located here.
I first need to credit this to Me B for he asserts correctly that one should recompile SUHOSIN if you use the remi repo (and NOT use the remi SUHOSIN package as the author of that thread suggests to update your php to 5.6.) I am going to copy and paste my reply/post here as many would miss it in the initial thread mentioned above. Incidentally my understanding is that the programmers with Sentora DO NOT support this remi update anyhow and I have received no approval ( and won't) for this post. They are supporting what the OS's support. Sadly on CentOS 6.x that means php 5.3 or less. for me not acceptable. What follows is the post I was going to tag onto M B's comments but decided to add them here for more visibility. If I am violating the rules or any such thing, please feel free to take action and delete this post. Also if anyone sees or runs into any mistakes, please chime in as I wrote this from memory. Thank you all.
Me B is correct, but now 0.9.38 is available here:
https://download.suhosin.org/suhosin-0.9.38.tar.gz
If you are going to do this PHP upgrade which I don't endorse either, but am required for the server-side stuff I am hosting you should download and compile the latest version of SUHOSIN. The reason for this is that if you install the REMI module, it will install the entire module code to /etc/php.d. which is not only potentially a pain, but also goes against the framework used with CentOS and Sentora - and likely other OS's like Ubuntu.
What we want is only the module's .ini file there that the server can parse. For instance, I have Composer installed and it is much easier to add the whitelist for it in a file that maybe only has two lines:
Compared to messing with the whole module in your php.d folder it was now simple and orderly to enable the exception for phar. This is Sentora's default behavior.
So that brings us here when you have updated all but Suhosin.
Rename it in your etc/php.d folder with a priority like, 20-suhosin.ini with the rest of your php extension .ini's. (or at least on CentOS - likely Ubuntu too; someone else will have to vet that...)
And that is it.
Located here.
I first need to credit this to Me B for he asserts correctly that one should recompile SUHOSIN if you use the remi repo (and NOT use the remi SUHOSIN package as the author of that thread suggests to update your php to 5.6.) I am going to copy and paste my reply/post here as many would miss it in the initial thread mentioned above. Incidentally my understanding is that the programmers with Sentora DO NOT support this remi update anyhow and I have received no approval ( and won't) for this post. They are supporting what the OS's support. Sadly on CentOS 6.x that means php 5.3 or less. for me not acceptable. What follows is the post I was going to tag onto M B's comments but decided to add them here for more visibility. If I am violating the rules or any such thing, please feel free to take action and delete this post. Also if anyone sees or runs into any mistakes, please chime in as I wrote this from memory. Thank you all.
Me B is correct, but now 0.9.38 is available here:
https://download.suhosin.org/suhosin-0.9.38.tar.gz
If you are going to do this PHP upgrade which I don't endorse either, but am required for the server-side stuff I am hosting you should download and compile the latest version of SUHOSIN. The reason for this is that if you install the REMI module, it will install the entire module code to /etc/php.d. which is not only potentially a pain, but also goes against the framework used with CentOS and Sentora - and likely other OS's like Ubuntu.
What we want is only the module's .ini file there that the server can parse. For instance, I have Composer installed and it is much easier to add the whitelist for it in a file that maybe only has two lines:
Code:
; Enable Suhosin
extension=suhosin.so
suhosin.executor.include.whitelist = pharCompared to messing with the whole module in your php.d folder it was now simple and orderly to enable the exception for phar. This is Sentora's default behavior.
So that brings us here when you have updated all but Suhosin.
Code:
cd /tmp
wget https://download.suhosin.org/suhosin-0.9.38.tar.gz --no-check-certificate
tar -xzf suhosin-0.9.38.tar.gz
rm -f suhosin-0.9.38.tar.gz
cd suhosin-0.9.38
phpize &> /dev/null
./configure &> /dev/null
make &> /dev/null
make install
cd ..
rm -rf suhosin-0.9.38Rename it in your etc/php.d folder with a priority like, 20-suhosin.ini with the rest of your php extension .ini's. (or at least on CentOS - likely Ubuntu too; someone else will have to vet that...)
And that is it.
Everyone makes mistakes, but to truly screw up it takes the root password!
