Could someone be so kind as to suggest a distro that DOES NOT include Suhosin (PHP 5.3)? I know it is included with Ubuntu 10.x and believe it to be included with Ubuntu 9.x.

This add-on, patch, etc is causing problems with flash related applications and is a royal pain to remove. My attempts to remove it have not yet been successful and am considering moving to a different distribution.

Thank you for your thoughts and comments.

I'm pretty sure the red hat derivatives (centos/fedora) don't use suhosin by default. Debian derivatives do. Not sure about arch/gentoo/slackware

What problems are you having with suhosin, if memory serves the debian php package only contains the patch which doesn't do much in the way of restricting things.

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue

@obs Thank you for the fast reply.

I guess this leads me to one other question.

I have used Fedora in the past but am not familiar with CentOS. Could anyone comment as to substantial differences between them in respect to server configurations?

I am looking at a LAMP type configuration that is secure.
Apache2, MySQL and PHP 5.x (preferably 5.3).

Main focus is to host multiple websites that I have created via VirtualHosts options.

Thank you.

centos = old and "stable" however it's versions of PHP are so old they're pretty useless (php 5.1) (roll on centos 6!)

fedora = new and "unstable" fedora has a short life cycle (see http://fedoraproject.org/wiki/LifeCycle ... _.28EOL.29)

Personally I wouldn't use either of them in a server system, if I had to use one I'd chose centos and get updated rpms from a 3rd party repo (see http://wiki.centos.org/AdditionalResources/Repositories), fedora's life cycle is too short IMHO to use as a server.

If I were you I'd try and resolve my issues with suhosin and stick with ubuntu/debian.

Alternatively you could try one of the other supported distros I don't know much about them but googling them will provide info on life cycle, php details etc, and someone else that uses them might chirp up here.

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue

I don't know what Ubuntu is using and it may depend on your application, but the Suhosin patch that Debian uses doesn't cause any problems for a few flash based apps on my sites. One is a flash based uploader, the other is a slideshow.

I know that the full-on Suhosin binary does cause issues with a lot more than just flash based apps though. It's definitively a trade off of "let's make your server 'secure' but you can't do a whole lot of anything, have fun" type of "enhancement"

I've CentOS with PHP 5.3, no Suhosin, no problems. On the CentOS website it highlights "php53 is available as a php replacement", I assume because there are no known issues.

You can try to enable suhosin simulation mode: http://www.hardened-php.net/suhosin/con ... simulation