Page 1 of 1
suhosin-errors
Posted: Mon Apr 23, 2012 10:11 am
by Lux
Hi!
How long shall the variables be (and how is the corresponding suhosin parameter called)?
Code: Select all
Apr 23 09:08:34 rico suhosin[17309]: ALERT - configured request variable name length limit exceeded - dropped variable '/plugin/cachedAvatar_95f70358f16ee23f5d3c5a62db2fd416_49da80dd0232882bee8b791976924f73_e55be2a1302751c8eb666fe48ad6e09f' (attacker '217.86.146.99', file '/srv/www/deimeke.net/dirk/blog/index.php')
Thanks for any hint.
Dirk
Re: suhosin-errors
Posted: Mon Apr 23, 2012 10:41 am
by Timbalu
You need to test...
suhosin.get.max_name_length (default 64)
suhosin.post.max_name_length (default 64)
suhosin.request.max_varname_length (default 64)
Re: suhosin-errors
Posted: Mon Apr 23, 2012 11:02 am
by Lux
Timbalu wrote:You need to test...
suhosin.get.max_name_length (default 64)
suhosin.post.max_name_length (default 64)
suhosin.request.max_varname_length (default 64)
Thanks!
I raised them to 1024.
Will see what happens.
Cheers
Dirk
Re: suhosin-errors
Posted: Mon Apr 23, 2012 4:28 pm
by Timbalu
Lux wrote:I raised them to 1024.
This makes the use of suhosin tracking request userdata obsolet, I suppose.
This avatar url is very long, does it really need to?
Re: suhosin-errors
Posted: Mon Apr 23, 2012 4:36 pm
by Lux
Timbalu wrote:Lux wrote:I raised them to 1024.
This makes the use of suhosin tracking request userdata obsolet, I suppose.
Agreed!
Timbalu wrote:This avatar url is very long, does it really need to?
Up to the developpers.
This one URL was only an example, I got about 90 errors per hour.
Cheers
Dirk