This is a suggestion of compilation directive to use when compiling PHP specifically for the audited code.
The selection made below is based on the extension usage, found in the code (--enable, --with) and also the absence of usage (--disable, --without).
Some local extensions (--pdo-mysql, --with-libmbfl...) are also mentionned for help.
# install 5 extra extensions
#pecl install libsodium (https://pecl.php.net/package/libsodium)
#pecl install php-psr (https://github.com/jbboehr/php-psr)
#pecl install suhosin.org (https://suhosin.org/)
#pecl install swoole-src (https://github.com/swoole/swoole-src)
#pecl install xhprof (https://pecl.php.net/package/xhprof)
;;;;;;;;;;;;;;;;;;;;;;;;
; PHP configure list ;
;;;;;;;;;;;;;;;;;;;;;;;;
./configure
--with-curl=DIR
--with-gd
--with-jpeg-dir=DIR
--with-png-dir=DIR
--with-xpm-dir=DIR
--with-vpx-dir=DIR
--with-freetype-dir=DIR
--enable-gd-native-ttf
--disable-hash
--enable-intl
--with-ldap[=DIR]
--with-ldap-sasl[=DIR]
--with-libsodium[=DIR]
--enable-mbstring
--with-libmbfl=DIR
--enable-mbstr-enc-trans
--disable-mbregex
--with-mysqli
--enable-opcache
--enable-pcntl
--disable-pdo
--disable-posix
--enable-psr
--enable-simplexml
--without-sqlite3
--enable-suhosin
--enable-suhosin-experimental
--with-swoole
--enable-swoole-debug, --enable-sockets, --enable-ringbuffer, --enable-async-redis, --enable-openssl, --enable-http2, --enable-thread, --enable-hugepage, --enable-swoole, --enable-mysqlnd, --enable-coroutine, --enable-picohttpparser, --enable-timewheel
--disable-tokenizer
--with-xhprof=DIR
--disable-xml
--disable-xmlreader
--disable-xmlwriter
--with-zlib=DIR
; For debug purposes
;--enable-dtrace
;--disable-phpdbg
;--enable-zend-signals
;--disable-opcache