Page 1 of 1

suhosin-errors

Posted: Mon Apr 23, 2012 10:11 am
by Lux
Hi!

How long shall the variables be (and how is the corresponding suhosin parameter called)?

Code: Select all

Apr 23 09:08:34 rico suhosin[17309]: ALERT - configured request variable name length limit exceeded - dropped variable '/plugin/cachedAvatar_95f70358f16ee23f5d3c5a62db2fd416_49da80dd0232882bee8b791976924f73_e55be2a1302751c8eb666fe48ad6e09f' (attacker '217.86.146.99', file '/srv/www/deimeke.net/dirk/blog/index.php')
Thanks for any hint.

Dirk

Re: suhosin-errors

Posted: Mon Apr 23, 2012 10:41 am
by Timbalu
You need to test...

suhosin.get.max_name_length (default 64)
suhosin.post.max_name_length (default 64)
suhosin.request.max_varname_length (default 64)

Re: suhosin-errors

Posted: Mon Apr 23, 2012 11:02 am
by Lux
Timbalu wrote:You need to test...

suhosin.get.max_name_length (default 64)
suhosin.post.max_name_length (default 64)
suhosin.request.max_varname_length (default 64)
Thanks!

I raised them to 1024.

Will see what happens.

Cheers

Dirk

Re: suhosin-errors

Posted: Mon Apr 23, 2012 4:28 pm
by Timbalu
Lux wrote:I raised them to 1024.
This makes the use of suhosin tracking request userdata obsolet, I suppose. ;-)
This avatar url is very long, does it really need to?

Re: suhosin-errors

Posted: Mon Apr 23, 2012 4:36 pm
by Lux
Timbalu wrote:
Lux wrote:I raised them to 1024.
This makes the use of suhosin tracking request userdata obsolet, I suppose. ;-)
Agreed!
Timbalu wrote:This avatar url is very long, does it really need to?
Up to the developpers.

This one URL was only an example, I got about 90 errors per hour.

Cheers

Dirk