Suhosin script 0.9.2 Publisher Review:
Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts that can be used separately or in combination. The first part is a small patch against the PHP core that implements a few low-level protections against buffer overflows or format string vulnerabilities; the second part is a powerful PHP extension that implements all the other protections.

If you are using PHP only for your own server and only for your own scripts and applications, then you can judge for yourself whether you trust your code enough. In that case you most probably don’t need the Suhosin extension, because most of its features are meant to protect servers against vulnerable programming techniques. However, PHP is a very complex programming language with a lot of pitfalls that are often overlooked during the development of applications. Even PHP core programmers write insecure code from time to time because they did not know about a PHP pitfall. Therefore it is always a good idea to have Suhosin as your safety net.

Features:

Engine Protection (only with patch)
- Protects the internal memory manager against buffer overflows with Canary and SafeUnlink Protection
- Protects Destructors of Zend Hashtables
- Protects Destructors of Zend Linked-Lists
- Protects the PHP core and extensions against format string vulnerabilities
- Protects against errors in certain libc realpath() implementations

Misc Features
- Protection Simulation mode
- Adds the functions sha256() and sha256_file() to the PHP core
- Adds support for CRYPT_BLOWFISH to crypt() on all platforms
- Transparent protection of open phpinfo() pages
- EXPERIMENTAL SQL database user protection

Runtime Protection
- Transparent Cookie Encryption
- Protects against different kinds of (Remote-)Include Vulnerabilities
  - disallows Remote URL inclusion (optional: black-/whitelisting)
  - disallows inclusion of uploaded files
  - optionally stops directory traversal attacks
- Allows disabling the preg_replace() /e modifier
- Allows disabling eval()
- Protects against infinite recursion through a configurable maximum execution depth
- Supports per Virtual Host / Directory configurable function black- and whitelists
- Supports a separate function black- and whitelist for evaluated code
- Protects against HTTP Response Splitting Vulnerabilities
- Protects against scripts manipulating the memory_limit
- Protects PHP’s superglobals against extract() and import_request_vars()
- Adds protection against newline attacks to mail()
- Adds protection against attack on preg_replace()

Session Protection
- Transparent encryption of session data
- Transparent session hijacking protection
- Protection against overlong session identifiers
- Protection against malicious chars in session identifiers

Filtering Features
- Filters ASCIIZ characters from user input
- Ignores GET, POST, COOKIE variables with the following names:
  GLOBALS, _COOKIE, _ENV, _FILES, _GET, _POST, _REQUEST, _SERVER, _SESSION, HTTP_COOKIE_VARS, HTTP_ENV_VARS, HTTP_GET_VARS, HTTP_POST_VARS, HTTP_POST_FILES, HTTP_RAW_POST_DATA, HTTP_SERVER_VARS, HTTP_SESSION_VARS
- Allows enforcing limits on REQUEST variables or separated by type (GET, POST, COOKIE)
- Supports a number of variables per request limit
- Supports a maximum length of variable names [with and without indices]
- Supports a maximum length of array indices
- Supports a maximum length of variable values
- Supports a maximum depth of arrays
- Allows only a configurable number of uploaded files
- Supports verification of uploaded files through an external script
- Supports automatic banning of uploaded ELF executables
- Supports automatic banning of uploaded binary files
- Supports automatic stripping of binary content in uploaded files
- Configurable action on violation
  - just block violating variables
  - send HTTP response code
  - redirect the browser
  - execute another PHP script

Logging Features
- Supports multiple log devices (syslog, SAPI module error log, external logging script)
- Supports freely configurable syslog facility and priority
- Supports log device separated selection of alert types to log
- Alerts contain the filename and line number that triggered them
- Alerts contain the IP address of the user triggering them
- The IP address can also be extracted from X-Forwarded-For HTTP headers (e.g. for reverse proxy setups)
Related downloads
dotSSH script 1.0
dotSSH dotSSH is a SSH2 and SFTP3 library designed for the .NET Framework written in 100%
Price: $, Rating: 8, Downloads: 0
Brute Force Shell script 1.0
Brute Force Shell Brute Force Shell protects your Linux server against brute force attacks
Price: GPL$, Rating: 6, Downloads: 0
iScramble script 1.1
iScramble iScramble is a PHP script that allows you to protect any section of your HTML co
Price: Freeware$, Rating: 6, Downloads: 0
AspID script
AspID AspID application allows you to restrict users access to certain web pages.
Price: Commercial License ($, Rating: 10, Downloads: 0
Security Login script 2.0
Security Login Security Login script allows you to protect your ASP pages with password ac
Price: Other Free / Open So$, Rating: 8, Downloads: 0
Injection Denied script 0.0.1
Injection Denied InjectionDenied is a bash/gawk program that blocks PHP and SQL attacks by
Price: GPL$, Rating: 10, Downloads: 0
AJAX Password Strength script
AJAX Password Strength AJAX Password Strength script allows you to type your password in
Price: Freeware$, Rating: 10, Downloads: 0
Account Sentry script 2.0
Account Sentry Account Sentry is an automatic anti-brute force attack sentry.
Price: Commercial License ($, Rating: 8, Downloads: 0
