Hudzilla.org - the homepage of Paul Hudson

17.4 Hardened PHP

This is NOT the latest copy of this book; click here for the latest version.

One thing worth considering if the security of your server is of paramount important is a project known as Hardened PHP. This is a set of patches to the PHP source code that make the task of hacking your server by exploiting PHP that much harder. Hardened PHP is not an official PHP project, and so cannot be relied upon to be as stable as the core PHP release, however it is just a set of minor patches and so isn't likely to affect stability at all.

Does it make PHP more secure? That's hard to say: very few people have been hit by PHP exploits in its existence, so most of us don't really have a reason to switch to the hardened release. If you stop using a straight PHP build and instead use Hardened PHP, you may find other tools stop working - particularly things like Zend Performance Suite, that require in-depth knowledge of your PHP build.

If you're using Hardened PHP I'd love to hear your experiences.

<< 17.3.8 Changing block cipher mode		17.5 Summary >>
Table of Contents

Want to see this stuff in print? PHP in a Nutshell takes the core topics covered here, adds in thousands of edits from the editorial team and myself, and combines them to make an unbeatable reference for PHP programmers at all levels.

My latest book has hundreds more tips on how to use PHP, Apache, and MySQL, plus Perl, Python, shell scripts, performance tuning, and more!

Be the first to add a comment to this chapter!

Add comment
Please note that by posting a comment here you are committing it to the public domain. This is important so that others can make use of your code themselves, and also so that I can incorporate helpful notes directly into the main text. Comments are limited to 2000 characters in length.

If you are reporting an error in the content, please tell me directly.