How to Fix Suhosin Error ‘ALERT – configured GET variable value length limit exceeded…’ on Debian Squeeze

PHP Suhosin is an open source patch for PHP5 to harden the servers security.

I found this Suhosin looping error message when checked on /var/log/user.log

# tail -f /var/log/user.log

Feb 25 07:28:39 rastavarian suhosin[444]: ALERT – configured GET variable value length limit exceeded – dropped variable ‘cookie’ (attacker ‘202.42.246.191’, file ‘/var/www/wp-admin/admin-ajax.php’)
Feb 25 07:28:40 rastavarian suhosin[442]: ALERT – configured GET variable value length limit exceeded – dropped variable ‘cookie’ (attacker ‘202.42.246.191’, file ‘/var/www/wp-admin/admin-ajax.php’)

To fix this, edit /etc/php5/conf.d/suhosin.ini

# nano /etc/php5/conf.d/suhosin.ini

And modify the following line, increase 64 to 128:

suhosin.get.max_name_length = 128
suhosin.post.max_name_length = 128
suhosin.request.max_varname_length = 128

 

Keywords:

  • alert - configured request variable name length limit exceeded - dropped variable
  • configured get variable value length limit exceeded
Comments
  1. Nadya Reply
    • kumkum Reply
  2. Frank Wiley Reply
  3. James Reply

Leave a Reply

Your email address will not be published. Required fields are marked *