Original author(s) | Stefan Esser |
---|---|
Initial release | October 2, 2006 |
Final release | 0.9.38
/ May 21, 2015 |
Repository | github |
Written in | C |
Platform | PHP |
Licence | PHP License |
Website | suhosin |
Suhosin (Korean 수호신, Korean pronunciation: [suɦoɕin], meaning "guardian angel") is an open source patch for PHP and also a PHP extension, written by the German company Sektion Eins. The patch and the extension are two independent parts, that can be used separately or in combination. "The goal behind Suhosin is to be a safety net that protects servers from insecure PHP coding practices."[1]
Suhosin also reduces the "attackable surface" that PHP adds to a Web Server through function whitelists, resource limits, transparent session and cookie encryption, binary content filter, logging and various other protections.[2] This reduces the risk of deploying previously deemed unsafe PHP programs and protects against known and unknown attacks.