Webhosting Blog

Disable suhosin


Suhosin for a domain can be disabled by 2 methods.

1) Using php.ini

2) Using .htaccess.

Following are the steps in order to

A. Disable suhosin using php.ini.

1) Login to the server as root

2) Copy the servers customized php.ini file to the document root of the domain.

[root@server]# php -i | grep php.ini
Configuration File (php.ini) Path => /usr/local/lib
Loaded Configuration File => /usr/local/lib/php.ini

[root@server]# cp /usr/local/lib/php.ini /home/username/public_html

3) Open the php.ini file and add the following code to the file:

[suhosin]
; Misc Options
suhosin.simulation = On

[On indicates disabled, Off indicates enabled]

4) Save and quit the file. Restart apache.  That’s it. Suhosin for a domain will now be disabled.

B. Disable SUHOSIN via .htaccess

1) Go to the document root for the domain and open the .htaccess file for the domain.

2)Now enter the following code in the file.

php_flag suhosin.simulation On

3) If the server is configured to use suphp try entering following code in .htaccess.

<Files “.ht*”>
deny from all
</Files>

suPHP_ConfigPath /home/username

4)Save and quit the file. Restart apache.  That’s it. Suhosin for a domain will now be disabled.

About these ads

12 responses

  1. Pingback: How not to choose a shitty webhosting company

  2. Pingback: mv /etc/php.ini.rpmnew /etc/php.ini serv… « Php Bugs

  3. Pingback: 2010 in review « Linux Blog

  4. I am interested in your .htaccess solution but I don’t understand it: am I supposed to use one of those two?

    suhosin is enabled for my server I just want to disable it for an app that is installed in a separate folder so .htaccess is the ideal solution. what do I put into my .htaccess now?

    April 27, 2011 at 8:14 am

    • Hi,
      If you need to disable suhosin for particular application, you can directly place the .htaccess file in the app folder and disable the setting. You can use the following code in .htaccess
      php_flag suhosin.simulation Off

      I am assuming the server is a su-exec server in this case.

      April 28, 2011 at 3:26 am

      • thx. I was just wondering as above, you stated it needs to be On ?
        Slightly confused.
        yes it is running su-exec and fastcgi

        April 28, 2011 at 6:46 am

  5. Pingback: paico | Fatal error: SUHOSIN…

  6. adding this code

    [suhosin]
    suhosin.simulation = On

    to /etc/php.ini not working.

    January 2, 2012 at 5:59 pm

    • Hi,

      Is suhosin installed on the server? IF not you will first need to compile the server with suhosin support.

      January 3, 2012 at 10:28 am

  7. Pingback: Fatal error: SUHOSIN… | Guri de Programa

  8. Farid

    Thanks, you helped me a lot. But only the php.ini method has worked for me. The .htacess method didn’t work. I use apache module.

    July 17, 2013 at 5:55 pm

    • Sk

      I am glad it helped you sort your issue. All the best!!

      July 18, 2013 at 5:46 am

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 28 other followers