Snuffleupagus

Snuffleupagus is a PHP7+ and PHP8+ module designed to drastically raise the cost of attacks against websites. This is achieved by killing entire bug classes and providing a powerful virtual-patching system, allowing the administrator to fix specific vulnerabilities without having to touch the PHP code.

Greetings

We would like to thank the following people:

  • Suhosin, for paving the way.
  • Hardened PHP, for everything they did, especially the Month of PHP Security.
  • The people behind the RIPS scanner, for their ground breaking work
  • NBS System, for creating and open-sourcing this piece of software
  • Websec.fr, for keeping our interesting vulnerabilities alive
  • Web developers around the world, for being so imaginative