Do I need to use phpSUEXEC ?

[DReade83]

I have two servers, both private, in other words they only host and run code developed by me. So is there any point in having phpSUEXEC? Also what about Suhosin, is that meant for shared hosting, or will it benefit me too? I'm running ModSecurity but wondered if Suhosin would have any benefits?

Thanks in advance!

 

[rhenderson]

phpSUEXEC basically protects your CGI scripts, so you can decide if you need it, I assume it would depend on what scripts you are running.

SuHosin can stop some injection attempts as well as a lot of other vunerabilites. Even though your server is private, if you can access it via an IP or host name someone will find it and try to inject a script or look for other weaknesses to exploit.

We ran without SuHosin for a very long time without issues, but we had phpSuExec and CSF firewall and extensive mod_security rules. We do now run SuHosin and SuPHP just to make the server a little more hardened against attacks.

 

[DReade83]

I'm running PHP as a module and there are no CGI scripts at all. That said would it make a difference if I ran phpSUEXEC?

As for Suhosin, does it log injection attacks and other intrusion attempts?