// Archive
PHP-Snuffleupagus blocks dangerous functions, eval(), remote file inclusion and cookie theft inside the PHP interpreter itself — where a WAF can’t reach. Full installation, WordPress-specific rules, per-pool config, and production tuning guide.