How to Fix Suhosin Error ‘ALERT – configured GET variable value length limit exceeded…’ on Debian Squeeze

PHP Suhosin is an open source patch for PHP5 to harden the servers security.

I found this Suhosin looping error message when checked on /var/log/user.log

# tail -f /var/log/user.log

Feb 25 07:28:39 rastavarian suhosin[444]: ALERT – configured GET variable value length limit exceeded – dropped variable ‘cookie’ (attacker ‘202.42.246.191’, file ‘/var/www/wp-admin/admin-ajax.php’)
Feb 25 07:28:40 rastavarian suhosin[442]: ALERT – configured GET variable value length limit exceeded – dropped variable ‘cookie’ (attacker ‘202.42.246.191’, file ‘/var/www/wp-admin/admin-ajax.php’)

To fix this, edit /etc/php5/conf.d/suhosin.ini

# nano /etc/php5/conf.d/suhosin.ini

And modify the following line, increase 64 to 128:

suhosin.get.max_name_length = 128
suhosin.post.max_name_length = 128
suhosin.request.max_varname_length = 128

 

5 thoughts on “How to Fix Suhosin Error ‘ALERT – configured GET variable value length limit exceeded…’ on Debian Squeeze

    1. artinya, cara menanggulangi suhosin error “nilai variabel GET terlalu panjang” di linux debian versi squeeze
      🙂

  1. Hello,

    this:
    # nano /etc/php5/conf.d/suhosin.ini

    suhosin.get.max_name_length = 256
    suhosin.post.max_name_length = 256
    suhosin.request.max_varname_length = 256

    works perfekt…

    thank you very much for your dokumentation…

    Greedings from Germany.
    Frank Wiley

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.