SECURITY UPDATE: Secure and Update your PHP

Last modified: February 24, 2020

Dear valued customers,

To minimize security vulnerabilities, it is extremely important to secure your PHP installation and keep your PHP version up to date.

Here are the security enhancements we recommend you apply:
1) Install and configure ModSecurity.

ModSecurity is an open source intrusion detection and prevention engine for web applications. Operating as an Apache web server module, it increases web application security by protecting web applications from known and unknown attacks.

Installation steps for ModSecurity:
1) Download the yum repo and install ModSecurity using yum
# wget -q -O - | sh
# yum install mod_security

2) Download and apply the ModSecurity rules.
# cd /etc/httpd/modsecurity.d && wget
# tar -xvvzf modsec-2.5-free-latest.tar.gz

3) Remove unwanted rules
# cd /etc/httpd/modsecurity.d && rm -Rf 00_asl_rbl.conf 00_asl_whitelist.conf

4) Restart the Apache service
#/etc/init.d/httpd restart

2) Install the PHP HardenedPHP patch

The HardenedPHP patch adds security hardening features to PHP to protect your servers from a number of well-known issues in PHP applications and from potential unknown vulnerabilities in those applications or in the PHP core itself.

3) Keep your Plesk version and application version up to date

Installation steps for Suhosin
1) Download Suhosin and install it
#cd /usr/local/
#wget
#tar -zxvf suhosin-0.9.18.tgz
#cd suhosin-0.9.18
#phpize
#./configure
#make && make install

2) Add a load directive to php.ini
extension=suhosin.so

3) Restart the Apache service
#/etc/init.d/httpd restart
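
A post-install check for the ModSecurity and Suhosin steps above, added here as an example and not part of the original article or the provider's tooling. It assumes ModSecurity 2.x shows up as security2_module in the `httpd -M` listing and that the PHP CLI reads the same php.ini as Apache; the function names and the --verify argument are hypothetical.

```shell
#!/bin/sh
# Added example: confirm the hardening steps took effect after the restart.

# Succeeds if `httpd -M` output on stdin lists ModSecurity 2.x.
has_modsecurity() {
    grep -Eq '^[[:space:]]*security2_module([[:space:]]|$)'
}

# Succeeds if `php -m` output on stdin lists the Suhosin extension.
has_suhosin() {
    grep -Eiq '^suhosin$'
}

# Prints the rule files from "Remove unwanted rules" still present in dir $1.
leftover_rules() {
    for f in 00_asl_rbl.conf 00_asl_whitelist.conf; do
        if [ -e "$1/$f" ]; then echo "$f"; fi
    done
}

# Runs every check against the live server; non-zero return on any failure.
verify_hardening() {
    rules_dir=${1:-/etc/httpd/modsecurity.d}
    rc=0
    # A syntax error in a rule file stops Apache from starting at all.
    httpd -t >/dev/null 2>&1 ||
        { echo "FAIL: httpd -t reports a configuration error"; rc=1; }
    httpd -M 2>/dev/null | has_modsecurity ||
        { echo "FAIL: security2_module is not loaded"; rc=1; }
    # Assumption: the CLI and Apache share php.ini; otherwise check phpinfo().
    php -m 2>/dev/null | has_suhosin ||
        { echo "FAIL: suhosin is not loaded by the PHP CLI"; rc=1; }
    left=$(leftover_rules "$rules_dir")
    [ -z "$left" ] ||
        { echo "FAIL: rule files still present:" $left; rc=1; }
    if [ "$rc" -eq 0 ]; then echo "OK: ModSecurity and Suhosin are active"; fi
    return "$rc"
}

# Hypothetical entry point: run the script with --verify as root.
case "${1:-}" in
    --verify) verify_hardening ;;
esac
```

Running `httpd -t` before the restart as well catches a broken rule file while the old configuration is still serving traffic.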

<< PLESK Users >>

Mod_security and Suhosin were not fully tested with Plesk Sitebuilder. If you are using Plesk Sitebuilder, it is recommended to disable mod_security and Suhosin on the publishing server.

<< CPANEL/WHM Users >>

For servers pre-installed with cPanel, you only need to enable the ModSecurity and Suhosin modules in EasyApache and recompile Apache.

Copyright © 2010 – 2020 Casbay Sdn. Bhd. (1042688-D). All Rights Reserved.