Archive for the ‘PHP’ Category

Hardened PHP

Friday, October 10th, 2008

In a (SUSE) server I’ve got this error message.

ALERT - configured request variable limit exceeded - dropped variable 'XXXX' (attacker 'XX.XX.XX.XX', file 'XXX'), referer: XXX

It looks like it has the “Suhosin Extension” of the Hardened-PHP Project.

So I configured the following variables in my .htaccess file:

php_value suhosin.get.max_vars 500
php_value suhosin.request.max_vars 500
php_value suhosin.post.max_vars 500

and everything worked fine again.

Enjoy,
Rob.

PHP and DL()

Wednesday, May 21st, 2008

The problem
I’ve tryied to execute a php script containing a dl() call to a .so from the command line and I’ve got the message:

Warning: dl(): Dynamically loaded extensions aren't enabled in /home/roberto/tmp/helloworld.php on line 6

The cause

The web host has not enabled dynamically loaded extensions.

The solution
I asked to the php interpreter where to find the configuration:

php --ini

Configuration File (php.ini) Path: /etc/php5/cli
Loaded Configuration File:         /etc/php5/cli/php.ini
Scan for additional .ini files in: /etc/php5/cli/conf.d
...

So with a simple sudo vi /etc/php5/cli/php.ini I changed the parameter enable_dl=Off to enable_dl=On.

Enjoy,
Rob.


 
Roberto Rocco Angeloni is proudly powered by WordPress
Entries (RSS) and Comments (RSS).

Fatal error: Cannot access protected property ObjectMgr::$_verbose in /web/htdocs/www.roccoangeloni.it/home/wp/wp-content/themes/rra/include.php on line 22