I would like to port my system from PHP 5.6.17 to 7.0.2. As the operating system we use CentOS Linux release 7.2.1511.
I found no compatible suhosin (security https://suhosin.org/stories/index.html) extension for my system. The recent state of the suhosin extension for PHP7 can be found here: https://github.com/sektioneins/suhosin7.
How can I secure it now without suhosin, which fixes some important security issues (I am not an expert in PHP internals)? Perhaps there are some great alternatives?
We plan to finish and release our project in about 3 months, thus it would be nice to have it ported to PHP7 for the performance gain until then. So I do not have much time ;-)
disable eval - You can disable eval with https://github.com/mk-j/PHP_diseval_extension if you're okay compiling the extension yourself. It includes rpm spec files as well.
encrypted sessions - http://php.net/manual/en/class.sessionhandler.php contains sample source code for EncryptedSessionHandler
disable functions / disable classes - You use php.ini to disable these now.
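
The encrypted-sessions item above, as an added example that is not part of the original answer and is not the sample from the PHP manual: a `SessionHandler` subclass that encrypts session data and authenticates it before decryption, using only functions available in PHP 7.0. The class name `AuthenticatedSessionHandler`, the AES-256-CBC plus HMAC-SHA256 construction and the `SESSION_KEY_HEX` environment variable are assumptions made for this example.

```php
<?php
// Added example (hypothetical class name): encrypt-then-MAC session storage.
class AuthenticatedSessionHandler extends SessionHandler
{
    private $encKey;
    private $macKey;

    public function __construct($masterKey)
    {
        if (strlen($masterKey) !== 32) {
            throw new InvalidArgumentException('master key must be 32 raw bytes');
        }
        // Derive independent keys for encryption and for authentication.
        $this->encKey = hash_hmac('sha256', 'session-enc', $masterKey, true);
        $this->macKey = hash_hmac('sha256', 'session-mac', $masterKey, true);
    }

    public function read($id)
    {
        $raw = base64_decode((string) parent::read($id), true);
        if ($raw === false || strlen($raw) < 64) {
            return ''; // empty or malformed record: start with an empty session
        }
        $mac = substr($raw, 0, 32);
        $iv  = substr($raw, 32, 16);
        $ct  = substr($raw, 48);
        // Check the MAC first; it covers the session id, so a record copied
        // into another session file is rejected as well.
        $expected = hash_hmac('sha256', $id . $iv . $ct, $this->macKey, true);
        if (!hash_equals($expected, $mac)) {
            return '';
        }
        $plain = openssl_decrypt($ct, 'aes-256-cbc', $this->encKey, OPENSSL_RAW_DATA, $iv);
        return $plain === false ? '' : $plain;
    }

    public function write($id, $data)
    {
        $iv = random_bytes(16); // fresh IV for every write
        $ct = openssl_encrypt($data, 'aes-256-cbc', $this->encKey, OPENSSL_RAW_DATA, $iv);
        if ($ct === false) {
            return false;
        }
        $mac = hash_hmac('sha256', $id . $iv . $ct, $this->macKey, true);
        return parent::write($id, base64_encode($mac . $iv . $ct));
    }
}
// Assumption: the key is 64 hex characters supplied through the environment.
$handler = new AuthenticatedSessionHandler((string) hex2bin((string) getenv('SESSION_KEY_HEX')));
session_set_save_handler($handler, true);
session_start();
```

Existing unencrypted session files fail the length or MAC check and are read as empty sessions, so users are logged out once when the handler is first deployed.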