Manual:Suhosin

Suhosin is a patch for the PHP code and, differently, an extension which hardens the PHP and aims to protect servers and users from known and unknown flaws in PHP. The Suhosin Hardened-PHP Project homepage is http://www.hardened-php.net/suhosin/ ^[1] .

The most common use is the dynamic linking of the Suhosin extension suhosin.so into PHP. Using the extension, you can for example in case of problems easily deactive the Suhosin extension in PHP by out-commenting the linking line in php.ini (shown below).

Suhosin extension settings for use with MediaWiki

If you download and install^[2] the Suhosin PHP extension from http://www.hardened-php.net/suhosin/download.html , you must explicitly set suhosin.get.max_value_length in your php.ini to a value higher than 2000 (to overwrite the built-in default of 512, which is too low):

[suhosin]
suhosin.get.max_value_length = 2048
; comment out the following line if you want to run your PHP without Suhosin extension
; for example, if the extension makes trouble
extension=suhosin.so

When installing MediaWiki, the MediaWiki installer will auto-detect what the current value of suhosin.get.max_value_length is, and warn you if it is too low.

references

↑ The Suhosin author can be contacted through the Suhosin Git repository
↑ Instructions for installing the Suhosin extension

This article is issued from Mediawiki. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.

[1] The Suhosin author can be contacted through the Suhosin Git repository

[2] Instructions for installing the Suhosin extension

[1]

[2]