Grow your Business Online​
Wesbytes Blue Logo

Wesbytes Knowledge Base

Search our articles or browse by category below

Security Update: Secure and Update your PHP

Last modified: July 2, 2022
You are here:
Estimated reading time: 1 min

Security Update: Secure and Update your PHP

In order to reduce security vulnerability, it is crucial to protect PHP and maintain your PHP version current. Therefore, the security upgrades that we advise you to implement are as follows:

1. Install and configure ModSecurity

An open source intrusion detection and prevention engine for web applications is called ModSecurity. In other words, ModSecurity’s function as an Apache Web server module is to improve web application security and defend against both known and undiscovered threats.

Step of installation for ModSecurity:
1) Firstly, Download yum repo and install the ModSecurity using yum.
#wget -q -O –| sh
#yum install mod_security

2) Then, Download apply the ModSecurity rules.
#cd/etc/httpd/modsecurity.d && wget
#tar –xvvzf modsec-2.5-free-latest.tar.gz

3) Next, Remove unwanted rules.
#cd/etc/httpd/modsecurity.d && rm -Rf 00_asl_rbl.conf 00_asl_whitelist.conf

4) Lastly, Restart apache service.
#/etc/init.d/httpd restart

2. Install PHP HardenedPHP patch

In order to safeguard your servers from a variety of widely known problems with PHP applications, the hardenedPHP patch adds security hardening features to PHP. Additionally, it protects the servers from unforeseen vulnerabilities that might exist in those apps or even in the core of PHP.

3. Keep Your Plesk Version and Application Version Up to Date

** NOTE: mod_security and Suhosin were not fully tested with Plesk Sitebuilder. Therefore, if you are using Plesk Sitebuilder, it is recommended to disable mod_security and Suhosin on the publishing server.

Installation steps for Suhosin:
1) Firstly, Download suhosin and install it.
#cd/usr/local/</code?
#wget
#tar-zxvf suhosin-0.9.18.tgz
#cd suhosin-0.9.18
#phpize
#./configure
#make && make install

2) Secondly, Add a load directive to php.ini.
#extension=suhosin.so

3) Then, Restart apache service.
#/etc/init.d/httpd restart

<< PLESK Users >>

Mod_security and Suhosin were not fully tested with Plesk Sitebuilder. In addition, if you are using Plesk Sitebuilder, it is recommended to disable mod_security and Suhosin on the publishing server.

<< CPANEL/WHM Users >>

For server pre-installed with cPanel, you will only need to enable the ModSecurity module and Suhosin module from the EasyApache and recompile the Apache.

Was this article helpful?
Dislike 0
Views: 5