Suhosin (Korean for "guardian angel", according to Wikipedia) is a set of patches to the PHP source code that make the task of hacking your server by exploiting PHP that much harder. It's not an official PHP project, and so cannot be relied upon to be as stable as the core PHP release, however it is just a set of minor patches and so isn't likely to affect stability at all. If you installed PHP as part of a package, you might find that Suhosin ships as standard.
Does it make PHP more secure? That's hard to say: very few people have been hit by PHP exploits in its existence, so most of us don't really have a reason to switch to the hardened release.
If this was helpful, please take a moment to tell others about Hacking with PHP by tweeting about it!
Next chapter: Summary >>
Previous chapter: Changing block cipher mode
Home: Table of Contents
Copyright ©2015 Paul Hudson. Follow me: @twostraws.