Suhosin Secure and Hardened PHP
Suhosin is an advanced protection system for PHP installations.
It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core.
Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small patch against the PHP core, that implements a few low-level protections against buffer overflows or format string vulnerabilities and the second part is a powerful PHP extension that implements all the other protections.
IFDNRG uses Suhosin as part of a comprehensive security plan on all webservers to protect against attacks.
- Chroot Jail's for FTP access
- Chroot Jail's for PHP directory access
- Adaptive Firewalling.
- Hardened PHP.
- Restrictive shell access.
Mod_security
ModSecurity is an open source web application firewall (WAF) engine for Apache that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.