[ Thanks to Falko
Timme for this link. ]
“This tutorial shows how to harden PHP5 with Suhosin on Debian
Etch and Ubuntu servers. From the Suhosin project page: ‘Suhosin is
an advanced protection system for PHP installations that was
designed to protect servers and users from known and unknown flaws
in PHP applications and the PHP core. Suhosin comes in two
independent parts, that can be used separately or in combination.
The first part is a small patch against the PHP core, that
implements a few low-level protections against buffer overflows or
format string vulnerabilities and the second part is a powerful PHP
extension that implements all the other protections…'”