;extension=suhosin.so [suhosin] ; ; ===================== ; Logging Configuration ; ===================== ; ; suhosin.log.syslog ; ------------------ ; ; * Type: Integer ; * Default: S_ALL & ~S_SQL ; ; Defines what classes of security alerts are logged to the syslog daemon. ; Logging of errors of the class S_MEMORY are always logged to syslog, no matter ; what this configuration says, because a corrupted heap could mean that the ; other logging options will malfunction during the logging process. ; ; +------------+-----------+----------------------------------------------------+ ; | Constant | Value | Description | ; +============+===========+====================================================+ ; | S_MEMORY | 1 | All canary violations and the safe unlink | ; | | | protection use this class | ; +------------+-----------+----------------------------------------------------+ ; | S_MISC | 2 | All log messages (f.e. format string protection) | ; | | | that do not fit in other classes use this class | ; +------------+-----------+----------------------------------------------------+ ; | S_VARS | 4 | All variable filters trigger this class | ; +------------+-----------+----------------------------------------------------+ ; | S_FILES | 8 | All violations triggered by the uploaded files | ; | | | filter use this class | ; +------------+-----------+----------------------------------------------------+ ; | S_INCLUDE | 16 | The protection against malicious include filenames | ; | | | use this class | ; +------------+-----------+----------------------------------------------------+ ; | S_SQL | 32 | Failed SQL queries are logged with this class | ; | | | (not yet supported in Suhosin BETA) | ; +------------+-----------+----------------------------------------------------+ ; | S_EXECUTOR | 64 | The execution depth protection uses this logging | ; | | | class | ; +------------+-----------+----------------------------------------------------+ ; | S_MAIL | 128 | The mail() header 
newline protection uses this | ; | | | logging class | ; +------------+-----------+----------------------------------------------------+ ; | S_SESSION | 256 | The transparent session protection uses this | ; | | | logging class | ; +------------+-----------+----------------------------------------------------+ ; | S_ALL | 511 | Combines all classes | ; +------------+-----------+----------------------------------------------------+ ; ; Using constant names is only supported with the Suhosin-Patch. If in doubt, use ; the numeric value, e.g. `suhosin.log.syslog=511`. ; ;suhosin.log.syslog = S_ALL & ~S_SQL ; ; ; suhosin.log.syslog.facility ; --------------------------- ; ; * Type: Integer ; * Default: LOG_USER ; ; Defines the syslog facility that is used when ALERTs are logged to syslog. ; Depending on your system type (syslogd) the following facilities are available. ; Please check your system's include header if the values are the same for your ; syslogd. ; ; +--------------+-------+ ; | Constant | Value | ; +==============+=======+ ; | LOG_KERN | 8 | ; +--------------+-------+ ; | LOG_USER | 9 | ; +--------------+-------+ ; | LOG_MAIL | 10 | ; +--------------+-------+ ; | LOG_DAEMON | 11 | ; +--------------+-------+ ; | LOG_AUTH | 12 | ; +--------------+-------+ ; | LOG_SYSLOG | 13 | ; +--------------+-------+ ; | LOG_LPR | 14 | ; +--------------+-------+ ; | LOG_NEWS | 15 | ; +--------------+-------+ ; | LOG_UUCP | 16 | ; +--------------+-------+ ; | LOG_CRON | 17 | ; +--------------+-------+ ; | LOG_AUTHPRIV | 18 | ; +--------------+-------+ ; | LOG_LOCAL0 | 24 | ; +--------------+-------+ ; | LOG_LOCAL1 | 25 | ; +--------------+-------+ ; | LOG_LOCAL2 | 26 | ; +--------------+-------+ ; | LOG_LOCAL3 | 27 | ; +--------------+-------+ ; | LOG_LOCAL4 | 28 | ; +--------------+-------+ ; | LOG_LOCAL5 | 29 | ; +--------------+-------+ ; | LOG_LOCAL6 | 30 | ; +--------------+-------+ ; | LOG_LOCAL7 | 31 | ; +--------------+-------+ ; ;suhosin.log.syslog.facility = 
LOG_USER ; ; ; suhosin.log.syslog.priority ; --------------------------- ; ; * Type: Integer ; * Default: LOG_ALERT ; ; Defines the syslog priority that is used when ALERTs are logged to syslog. ; Depending on your system type (syslogd) the following priorities are available. ; Please check your system's include header if the values are the same for your ; syslogd. ; ; +------------+-------+ ; |Constant | Value | ; +============+=======+ ; |LOG_EMERG | 0 | ; +------------+-------+ ; |LOG_ALERT | 1 | ; +------------+-------+ ; |LOG_CRIT | 2 | ; +------------+-------+ ; |LOG_WARNING | 3 | ; +------------+-------+ ; |LOG_NOTICE | 4 | ; +------------+-------+ ; |LOG_INFO | 5 | ; +------------+-------+ ; |LOG_DEBUG | 6 | ; +------------+-------+ ; |LOG_ERR | 7 | ; +------------+-------+ ; ;suhosin.log.syslog.priority = LOG_ALERT ; ; ; suhosin.log.sapi ; ---------------- ; ; * Type: Integer ; * Default: 0 ; ; Defines what classes of security alerts are logged through the SAPI error log. ; For a list of available classes see table 1. ; ; Using constant names is only supported with the Suhosin-Patch. If in doubt, use ; the numeric value. ; ;suhosin.log.sapi = 0 ; ; ; suhosin.log.stdout ; ------------------ ; ; * Type: Integer ; * Default: 0 ; ; Defines what classes of security alerts are logged through STDOUT. For a list ; of available classes see table 1. ; ; Using constant names is only supported with the Suhosin-Patch. If in doubt, use ; the numeric value. ; ; **IMPORTANT NOTE**: This option is meant for debugging purposes and unittests ; only and should not be used in production. ; ;suhosin.log.stdout = 0 ; ; ; suhosin.log.file ; ---------------- ; ; * Type: Integer ; * Default: 0 ; ; Defines what classes of security alerts are logged to a separate Suhosin log ; file set by suhosin.log.file.name. ; ; Using constant names is only supported with the Suhosin-Patch. If in doubt, use ; the numeric value. 
; ;suhosin.log.file = 0 ; ; ; suhosin.log.file.name ; --------------------- ; ; * Type: String ; * Default: ; ; Defines the full path to a dedicated Suhosin log file. ; ;suhosin.log.file.name = ; ; ; suhosin.log.file.time ; --------------------- ; ; * Type: Boolean ; * Default: On ; ; Specifies if suhosin.log.file contains timestamp for each log entry. ; ; **IMPORTANT NOTE**: This option is meant for debugging purposes and unittests ; only and should not be used in production. ; ;suhosin.log.file.time = On ; ; ; suhosin.log.script ; ------------------ ; ; * Type: Integer ; * Default: 0 ; ; Defines what classes of security alerts are logged through the external logging ; script. For a list of available classes see table 1. An exception is the ; S_MEMORY class. It cannot be logged by a script, because S_MEMORY is triggered ; by buffer overflows etc... which means the process is in an unstable state. ; ; Using constant names is only supported with the Suhosin-Patch. If in doubt, use ; the numeric value. ; ;suhosin.log.script = 0 ; ; ; suhosin.log.script.name ; ----------------------- ; ; * Type: String ; * Default: ; ; Defines the full path to an external logging script. The script is called with ; 2 parameters. The first one is the alert class in string notation and the ; second parameter is the log message. This can be used for example to mail ; failing MySQL queries to your email address, because on a production system ; these things should never happen (S_SQL not yet supported by Suhosin). ; ;suhosin.log.script.name = ; ; ; suhosin.log.phpscript ; --------------------- ; ; * Type: Integer ; * Default: 0 ; ; Defines what classes of security alerts are logged through the defined PHP ; script. For a list of available classes see table 1. Please notice, that only ; those classes are allowed, that can be triggered during script execution. An ; exception is the S_MEMORY class. 
It cannot be logged by a PHP script, because ; S_MEMORY is triggered by buffer overflows etc... which means the process is in ; an unstable state. ; ; Using constant names is only supported with the Suhosin-Patch. If in doubt, use ; the numeric value. ; ;suhosin.log.phpscript = 0 ; ; ; suhosin.log.phpscript.name ; -------------------------- ; ; * Type: String ; * Default: ; ; Defines the full path to a PHP logging script. The script is called with 2 ; variables registered in the current scope: SUHOSIN_ERRORCLASS and ; SUHOSIN_ERROR. The first one is the alert class and the second variable is the ; log message. This can be used for example to mail attempted remote URL include ; attacks to your email address. ; ;suhosin.log.phpscript.name = ; ; ; suhosin.log.phpscript.is_safe ; ----------------------------- ; ; * Type: Boolean ; * Default: Off ; ; Disables open_basedir (and safe_mode for older PHP versions < 5.4) when ; executing suhosin.log.phpscript.name. ; ;suhosin.log.phpscript.is_safe = Off ; ; ; suhosin.log.use-x-forwarded-for ; ------------------------------- ; ; * Type: Boolean ; * Default: Off ; ; When Suhosin logs an error the log message also contains the IP of the ; attacker. Usually this IP is retrieved from the REMOTE_ADDR SAPI environment ; variable. With this switch it is possible to change this behavior to read the ; IP from the X-Forwarded-For HTTP header. This is for example necessary when ; your PHP server runs behind a reverse proxy. Note that X-Forwarded-For is ; supplied by the client unless a trusted proxy in front of PHP overwrites it, so ; only enable this when such a proxy is in place; otherwise the logged IP can be ; chosen by the attacker. ; ;suhosin.log.use-x-forwarded-for = Off ; ; ; ================ ; Executor Options ; ================ ; ; suhosin.executor.max_depth ; -------------------------- ; ; * Type: Integer ; * Default: 750 ; ; Defines the maximum stack depth allowed by the executor before it stops the ; script. Without this protection an endless recursion in a PHP script could crash ; the PHP executor or trigger the configured memory_limit. A value of '0' ; disables this feature. ; ; (Before 0.9.37, the default value was 0.) 
; ;suhosin.executor.max_depth = 750 ; ; ; suhosin.executor.include.max_traversal ; -------------------------------------- ; ; * Type: Integer ; * Default: 0 ; ; Defines how many '../' an include filename needs to contain to be considered an ; attack and stopped. A value of '2' will block '../../etc/passwd', while a value ; of '3' will allow it. Most PHP applications should work flawlessly with values ; '4' or '5'. A value of '0' disables this feature. ; ;suhosin.executor.include.max_traversal = 0 ; ; ; suhosin.executor.include.whitelist ; ---------------------------------- ; ; * Type: String ; * Default: ; ; Comma separated whitelist of URL schemes that are allowed to be included from ; include or require statements. In addition to URL schemes it is possible to ; specify the beginning of allowed URLs. (f.e.: php://stdin) If no whitelist is ; specified, then the blacklist is evaluated. ; ; Notes: ; ; * This setting deactivates suhosin.executor.include.blacklist. ; * If both suhosin.executor.include.whitelist and ; suhosin.executor.include.blacklist are unset or empty, all URLs will be ; blocked. This is the default. ; ;suhosin.executor.include.whitelist = ; ; ; suhosin.executor.include.blacklist ; ---------------------------------- ; ; * Type: String ; * Default: ; ; Comma separated blacklist of URL schemes that are not allowed to be included ; from include or require statements. In addition to URL schemes it is possible ; to specify the beginning of disallowed URLs. (f.e.: php://stdin) If no blacklist ; and no whitelist is specified all URL schemes are forbidden. ; ;suhosin.executor.include.blacklist = ; ; ; suhosin.executor.include.allow_writable_files ; --------------------------------------------- ; ; * Type: Boolean ; * Default: On ; ; Turn this flag off to prevent PHP from executing writable PHP files. This can ; prevent attackers from executing code that was uploaded before. 
; ; Note: Some software such as web-installers or web-based plugin installers won't ; work out of the box with this flag turned off. ; ;suhosin.executor.include.allow_writable_files = On ; ; ; suhosin.executor.func.whitelist ; ------------------------------- ; ; * Type: String ; * Default: ; ; Comma separated whitelist of functions that are allowed to be called. If the ; whitelist is empty the blacklist is evaluated, otherwise calling a function not ; in the whitelist will terminate the script and get logged. ; ; Note: This setting deactivates suhosin.executor.func.blacklist. ; ;suhosin.executor.func.whitelist = ; ; ; suhosin.executor.func.blacklist ; ------------------------------- ; ; * Type: String ; * Default: ; ; Comma separated blacklist of functions that are not allowed to be called. If no ; whitelist is given, calling a function within the blacklist will terminate the ; script and get logged. ; ;suhosin.executor.func.blacklist = ; ; ; suhosin.executor.eval.whitelist ; ------------------------------- ; ; * Type: String ; * Default: ; ; Comma separated whitelist of functions that are allowed to be called from ; within eval(). If the whitelist is empty the blacklist is evaluated, otherwise ; calling a function not in the whitelist will terminate the script and get ; logged. Please read the instructions carefully. ; ; Note: This setting deactivates suhosin.executor.eval.blacklist. ; ;suhosin.executor.eval.whitelist = ; ; ; suhosin.executor.eval.blacklist ; ------------------------------- ; ; * Type: String ; * Default: ; ; Comma separated blacklist of functions that are not allowed to be called from ; within eval(). If no whitelist is given, calling a function within the ; blacklist will terminate the script and get logged. Please read the ; instructions carefully. 
; ;suhosin.executor.eval.blacklist = ; ; ; suhosin.executor.disable_eval ; ----------------------------- ; ; * Type: Boolean ; * Default: Off ; ; eval() is a very dangerous statement and therefore you might want to disable it ; completely. Deactivating it will however break lots of scripts. Because every ; violation is logged, this allows finding all places where eval() is used. ; ;suhosin.executor.disable_eval = Off ; ; ; suhosin.executor.disable_emodifier ; ---------------------------------- ; ; * Type: Boolean ; * Default: Off ; ; The /e modifier inside preg_replace() allows code execution. Often it is the ; cause for remote code execution exploits. It is wise to deactivate this feature ; and test where in the application it is used. The developer using the /e ; modifier should be made aware that he should use preg_replace_callback() ; instead. ; ;suhosin.executor.disable_emodifier = Off ; ; ; suhosin.executor.allow_symlink ; ------------------------------ ; ; * Type: Boolean ; * Default: Off ; ; This flag reactivates symlink() when open_basedir is used, which is disabled by ; default in Suhosin >= 0.9.6. Allowing symlink() while open_basedir is used is ; actually a security risk. ; ;suhosin.executor.allow_symlink = Off ; ; ; ============ ; Misc Options ; ============ ; ; suhosin.simulation ; ------------------ ; ; * Type: Boolean ; * Default: Off ; ; If you fear that Suhosin breaks your application, you can activate Suhosin's ; simulation mode with this flag. When Suhosin runs in simulation mode, ; violations are logged as usual, but nothing is blocked or removed from the ; request. (Transparent Encryptions are NOT deactivated in simulation mode.) ; ;suhosin.simulation = Off ; ; ; suhosin.perdir ; -------------- ; ; * Type: String ; * Default: "0" ; ; Allow certain categories of config directives to be changed by .htaccess for ; each directory individually. 
Possible values are "l" (log), "e" (exec), "g" ; (get), "c" (cookie), "p" (post), "r" (request), "s" (sql), "u" (upload), "m" ; (misc) or any combination, e.g. "legcprsum" to allow everything. Both "0" and ; no value disable this feature. ; ;suhosin.perdir = "0" ; ; ; suhosin.protectkey ; ------------------ ; ; * Type: Boolean ; * Default: On ; ; Prevent Suhosin's secret key material (suhosin.cookie.cryptkey, ; suhosin.session.cryptkey, suhosin.rand.seedingkey) from being exposed by ; phpinfo(). ; ;suhosin.protectkey = On ; ; ; suhosin.coredump ; ---------------- ; ; * Type: Boolean ; * Default: Off ; ; Controls if suhosin coredumps when the optional suhosin patch detects a buffer ; overflow, memory corruption or double free. This is only for debugging purposes ; and should not be activated. ; ;suhosin.coredump = Off ; ; ; suhosin.stealth ; --------------- ; ; * Type: Boolean ; * Default: On ; ; Controls if suhosin loads in stealth mode when it is not the only ; zend_extension (Required for full compatibility with certain encoders that ; consider open source untrusted. e.g. ionCube, Zend) ; ;suhosin.stealth = On ; ; ; suhosin.apc_bug_workaround ; -------------------------- ; ; * Type: Boolean ; * Default: Off ; ; APC 3.0.12(p1/p2) uses reserved resources without requesting a resource slot ; first. It always uses resource slot 0. If Suhosin got this slot assigned APC ; will overwrite the information Suhosin stores in this slot. When this flag is ; set Suhosin will request 2 Slots and use the second one. This allows working ; correctly with these buggy APC versions. ; ;suhosin.apc_bug_workaround = Off ; ; ; suhosin.disable.display_errors ; ------------------------------ ; ; * Type: String ; * Default: 0 ; ; Prevent PHP from setting display_errors programmatically. "0" means off. Any ; one of "1", "on", "yes", "true" means on. "fail" or "2" (or greater values) ; will let PHP know that the value change failed. 
; ;suhosin.disable.display_errors = 0 ; ; ; suhosin.multiheader ; ------------------- ; ; * Type: Boolean ; * Default: Off ; ; This directive controls if multiple headers are allowed or not in a header() ; call. By default the Suhosin forbids this. (HTTP headers spanning multiple ; lines are still allowed). ; ;suhosin.multiheader = Off ; ; ; suhosin.mail.protect ; -------------------- ; ; * Type: Integer ; * Default: 0 ; ; This directive controls if the mail() header protection is activated or not and ; to what degree it is activated. The appended table lists the possible ; activation levels. ; ; +-------+--------------------------------------------------------------------+ ; | Value | Description | ; +=======+====================================================================+ ; | 0 | mail() header protection is disabled | ; +-------+--------------------------------------------------------------------+ ; | 1 | Disallows newlines in Subject:, To: headers and double newlines in | ; | | additional headers | ; +-------+--------------------------------------------------------------------+ ; | 2 | Additionally disallows To:, CC:, BCC: in additional headers | ; +-------+--------------------------------------------------------------------+ ; ; Logging of this class of alerts is controlled by the new S_MAIL constant. ; ;suhosin.mail.protect = 0 ; ; ; suhosin.memory_limit ; -------------------- ; ; * Type: Integer ; * Default: 0 ; ; As long scripts are not running within safe_mode they are free to change the ; memory_limit to whatever value they want. Suhosin changes this fact and ; disallows setting the memory_limit to a value greater than the one the script ; started with, when this option is left at 0. A value greater than 0 means that ; Suhosin will disallow scripts setting the memory_limit to a value above this ; configured hard limit. 
This is for example useful if you want to run the script ; normally with a limit of 16M but image processing scripts may raise it to 20M. ; ;suhosin.memory_limit = 0 ; ; ; ======================== ; SQL Injection Protection ; ======================== ; This class of features is experimental and still in development. As of Suhosin ; version 0.9.36 only preliminary MySQL and Mysqli support was added. ; ; suhosin.sql.bailout_on_error ; ---------------------------- ; ; * Type: Boolean ; * Default: Off ; ; (Planned feature. This is not yet supported.) When an SQL Query fails scripts ; often spit out a bunch of useful information for possible attackers. When this ; configuration directive is turned on, the script will silently terminate, after ; the problem has been logged. ; ;suhosin.sql.bailout_on_error = Off ; ; ; suhosin.sql.user_match ; ---------------------- ; ; * Type: String ; * Default: ; ; (introduced in 0.9.37) The SQL username must match this wildcard pattern or the ; connect function will fail and return FALSE. Example: `suhosin.sql.user_match = ; public_*` ; ;suhosin.sql.user_match = ; ; ; suhosin.sql.user_prefix ; ----------------------- ; ; * Type: String ; * Default: ; ; This is an experimental feature for shared environments. With this ; configuration option it is possible to specify a prefix that is automatically ; prepended to the database username, whenever a database connection is made. ; (Unless the username starts with the prefix) ; ; With this feature it is possible for shared hosters to disallow customers to ; connect with the usernames of other customers. This feature is experimental, ; because support for PDO and PostgreSQL are not yet implemented. ; ;suhosin.sql.user_prefix = ; ; ; suhosin.sql.user_postfix ; ------------------------ ; ; * Type: String ; * Default: ; ; This is an experimental feature for shared environments. 
With this ; configuration option it is possible to specify a postfix that is automatically ; appended to the database username, whenever a database connection is made. ; (Unless the username ends with the postfix) ; ; With this feature it is possible for shared hosters to disallow customers to ; connect with the usernames of other customers. This feature is experimental, ; because support for PDO and PostgreSQL are not yet implemented. ; ;suhosin.sql.user_postfix = ; ; ; suhosin.sql.comment ; ------------------- ; ; * Type: Integer ; * Default: 0 ; ; This is an experimental feature. Alert if an SQL query contains one or more ; comments starting with --, /* or #. A value of 1 logs the alert; 2 or greater ; makes the call fail. ; ; Note: Mysql conditional statements starting with ``/*!`` are exempt if used ; with Mysqli. ; ;suhosin.sql.comment = 0 ; ; ; suhosin.sql.opencomment ; ----------------------- ; ; * Type: Integer ; * Default: 0 ; ; This is an experimental feature. ; Alert if a MySQL comment was started but not closed: ``/*`` without ``*/``. A ; value of 1 logs the alert; 2 or greater makes the call fail. ; ;suhosin.sql.opencomment = 0 ; ; ; suhosin.sql.multiselect ; ----------------------- ; ; * Type: Integer ; * Default: 0 ; ; This is an experimental feature. ; Alert if an SQL query contains more than one SELECT statement. A value of 1 ; logs the alert; 2 or greater makes the call fail. ; ; Note: This flag will recognise multiple statements as well as subselects, e.g. ; "SELECT 1; SELECT 2" and "SELECT * FROM (SELECT 1)". ; ;suhosin.sql.multiselect = 0 ; ; ; suhosin.sql.union ; ----------------- ; ; * Type: Integer ; * Default: 0 ; ; This is an experimental feature. ; Alert if an SQL query contains one or more UNIONs. ; A value of 1 logs the alert; 2 or greater makes the call fail. 
; ;suhosin.sql.union = 0 ; ; ; ============================== ; Transparent Encryption Options ; ============================== ; ; suhosin.session.encrypt ; ----------------------- ; ; * Type: Boolean ; * Default: On ; ; Flag that decides if the transparent session encryption is activated or not. ; ;suhosin.session.encrypt = On ; ; ; suhosin.session.cryptkey ; ------------------------ ; ; * Type: String ; * Default: ; ; Session data can be encrypted transparently. The encryption key used consists ; of this user defined string (which can be altered by a script via ini_set()) ; and optionally the User-Agent, the Document-Root and 0-4 octects of the ; REMOTE_ADDR. ; ;suhosin.session.cryptkey = ; ; ; suhosin.session.cryptua ; ----------------------- ; ; * Type: Boolean ; * Default: Off ; ; Flag that decides if the transparent session encryption key depends on the ; User-Agent field. (When activated this feature transparently adds a little bit ; protection against session fixation/hijacking attacks) ; ;suhosin.session.cryptua = Off ; ; ; suhosin.session.cryptdocroot ; ---------------------------- ; ; * Type: Boolean ; * Default: On ; ; Flag that decides if the transparent session encryption key depends on the ; Documentroot field. ; ;suhosin.session.cryptdocroot = On ; ; ; suhosin.session.cryptraddr ; -------------------------- ; ; * Type: Integer ; * Default: 0 ; ; Number of octets (0-4) from the REMOTE_ADDR that the transparent session ; encryption key depends on. Keep in mind that this should not be used on sites ; that have visitors from big ISPs, because their IP address often changes during ; a session. But this feature might be interesting for admin interfaces or ; intranets. When used wisely this is a transparent protection against session ; hijacking/fixation. This feature supports IPv4 only. 
; ;suhosin.session.cryptraddr = 0 ; ; ; suhosin.session.checkraddr ; -------------------------- ; ; * Type: Integer ; * Default: 0 ; ; Number of octets (0-4) from the REMOTE_ADDR that have to match to decrypt the ; session. The difference from suhosin.session.cryptraddr is that the IP is not ; part of the encryption key, so that the same session can be used for different ; areas with different protection levels on the site. This feature supports IPv4 ; only. ; ;suhosin.session.checkraddr = 0 ; ; ; suhosin.cookie.encrypt ; ---------------------- ; ; * Type: Boolean ; * Default: Off ; ; Flag that decides if the transparent cookie encryption is activated or not. ; ;suhosin.cookie.encrypt = Off ; ; ; suhosin.cookie.cryptkey ; ----------------------- ; ; * Type: String ; * Default: ; ; Cookies can be encrypted transparently. The encryption key used consists of ; this user defined string and optionally the User-Agent, the Document-Root and ; 0-4 octets of the REMOTE_ADDR. ; ;suhosin.cookie.cryptkey = ; ; ; suhosin.cookie.cryptua ; ---------------------- ; ; * Type: Boolean ; * Default: On ; ; Flag that decides if the transparent session encryption key depends on the ; User-Agent field. (When activated this feature transparently adds a little bit ; protection against session fixation/hijacking attacks (if only session cookies ; are allowed)) ; ;suhosin.cookie.cryptua = On ; ; ; suhosin.cookie.cryptdocroot ; --------------------------- ; ; * Type: Boolean ; * Default: On ; ; Flag that decides if the transparent cookie encryption key depends on the ; Documentroot field. ; ;suhosin.cookie.cryptdocroot = On ; ; ; suhosin.cookie.cryptraddr ; ------------------------- ; ; * Type: Integer ; * Default: 0 ; ; Number of octets (0-4) from the REMOTE_ADDR that the transparent cookie ; encryption key depends on. Keep in mind that this should not be used on sites ; that have visitors from big ISPs, because their IP address often changes during ; a session. 
But this feature might be interesting for admin interfaces or ; intranets. When used wisely this is a transparent protection against session ; hijacking/fixation. This feature supports IPv4 only. ; ;suhosin.cookie.cryptraddr = 0 ; ; ; suhosin.cookie.checkraddr ; ------------------------- ; ; * Type: Integer ; * Default: 0 ; ; Number of octets (0-4) from the REMOTE_ADDR that have to match to decrypt the ; cookie. The difference from suhosin.cookie.cryptraddr is that the IP is not part ; of the encryption key, so that the same cookie can be used for different areas ; with different protection levels on the site. This feature supports IPv4 only. ; ;suhosin.cookie.checkraddr = 0 ; ; ; suhosin.cookie.cryptlist ; ------------------------ ; ; * Type: String ; * Default: ; ; In case not all cookies are supposed to get encrypted this is a comma separated ; list of cookie names that should get encrypted. All other cookies will not get ; touched. ; ; Note: Cookies handled on client side with JavaScript as well as on server side ; should not be encrypted, e.g. listed in suhosin.cookie.plainlist or omitted in ; suhosin.cookie.cryptlist. ; ;suhosin.cookie.cryptlist = ; ; ; suhosin.cookie.plainlist ; ------------------------ ; ; * Type: String ; * Default: ; ; In case some cookies should not be encrypted this is a comma separated list of ; cookies that do not get encrypted. All other cookies will be encrypted. ; ; Note: This setting deactivates suhosin.cookie.cryptlist. ; ;suhosin.cookie.plainlist = ; ; ; ================= ; Filtering Options ; ================= ; ; suhosin.filter.action ; --------------------- ; ; * Type: Mixed ; * Default: ; ; Defines the reaction of Suhosin on a filter violation. 
Following possible ; actions are supported ; ; +-------------------------------+--------------------------------------------+ ; | Type | Description | ; +===============================+============================================+ ; | | Normal action is simply blocking the | ; | | variable from being registered | ; +-------------------------------+--------------------------------------------+ ; | 402 | Do not execute the script and return a | ; | | HTTP 402 response code | ; +-------------------------------+--------------------------------------------+ ; | [302,]http://www.example.com | Redirect to http://www.example.com instead | ; | | of executing. Optionally set a specific | ; | | HTTP response code | ; +-------------------------------+--------------------------------------------+ ; | [402,]/var/scripts/badguy.php | Execute a specific PHP script instead of | ; | | the requested script. Optionally set a | ; | | specific HTTP response code | ; +-------------------------------+--------------------------------------------+ ; ;suhosin.filter.action = ; ; ; suhosin.cookie.max_array_depth ; ------------------------------ ; ; * Type: Integer ; * Default: 50 ; ; Defines the maximum depth an array variable may have, when registered through ; the COOKIE. ; ; Note: Array depth is not the number of elements within an array. ; ;suhosin.cookie.max_array_depth = 50 ; ; ; suhosin.cookie.max_array_index_length ; ------------------------------------- ; ; * Type: Integer ; * Default: 64 ; ; Defines the maximum length of array indices for variables registered through ; the COOKIE. ; ;suhosin.cookie.max_array_index_length = 64 ; ; ; suhosin.cookie.max_name_length ; ------------------------------ ; ; * Type: Integer ; * Default: 64 ; ; Defines the maximum length of variable names for variables registered through ; the COOKIE. For array variables this is the name in front of the indices. 
; ;suhosin.cookie.max_name_length = 64 ; ; ; suhosin.cookie.max_totalname_length ; ----------------------------------- ; ; * Type: Integer ; * Default: 256 ; ; Defines the maximum length of the total variable name when registered through ; the COOKIE. For array variables this includes all indices. ; ;suhosin.cookie.max_totalname_length = 256 ; ; ; suhosin.cookie.max_value_length ; ------------------------------- ; ; * Type: Integer ; * Default: 10000 ; ; Defines the maximum length of a variable that is registered through the COOKIE. ; ;suhosin.cookie.max_value_length = 10000 ; ; ; suhosin.cookie.max_vars ; ----------------------- ; ; * Type: Integer ; * Default: 100 ; ; Defines the maximum number of variables that may be registered through the ; COOKIE. ; ;suhosin.cookie.max_vars = 100 ; ; ; suhosin.cookie.disallow_nul ; --------------------------- ; ; * Type: Boolean ; * Default: On ; ; When set to On ASCIIZ chars are not allowed in variables. ; ;suhosin.cookie.disallow_nul = On ; ; ; suhosin.cookie.disallow_ws ; -------------------------- ; ; * Type: Boolean ; * Default: On ; ; Ignore cookies with names starting with whitespace. ; ;suhosin.cookie.disallow_ws = On ; ; ; suhosin.get.max_array_depth ; --------------------------- ; ; * Type: Integer ; * Default: 50 ; ; Defines the maximum depth an array variable may have, when registered through ; the URL. ; ; Note: Array depth is not the number of elements within an array. ; ;suhosin.get.max_array_depth = 50 ; ; ; suhosin.get.max_array_index_length ; ---------------------------------- ; ; * Type: Integer ; * Default: 64 ; ; Defines the maximum length of array indices for variables registered through ; the URL. ; ;suhosin.get.max_array_index_length = 64 ; ; ; suhosin.get.max_name_length ; --------------------------- ; ; * Type: Integer ; * Default: 64 ; ; Defines the maximum length of variable names for variables registered through ; the URL. For array variables this is the name in front of the indices. 
; ;suhosin.get.max_name_length = 64 ; ; ; suhosin.get.max_totalname_length ; -------------------------------- ; ; * Type: Integer ; * Default: 256 ; ; Defines the maximum length of the total variable name when registered through ; the URL. For array variables this includes all indices. ; ;suhosin.get.max_totalname_length = 256 ; ; ; suhosin.get.max_value_length ; ---------------------------- ; ; * Type: Integer ; * Default: 512 ; ; Defines the maximum length of a variable that is registered through the URL. ; ;suhosin.get.max_value_length = 512 ; ; ; suhosin.get.max_vars ; -------------------- ; ; * Type: Integer ; * Default: 100 ; ; Defines the maximum number of variables that may be registered through the URL. ; ;suhosin.get.max_vars = 100 ; ; ; suhosin.get.disallow_nul ; ------------------------ ; ; * Type: Boolean ; * Default: On ; ; When set to On, NUL bytes (ASCIIZ string terminators) are not allowed in variables. ; ;suhosin.get.disallow_nul = On ; ; ; suhosin.get.disallow_ws ; ----------------------- ; ; * Type: Boolean ; * Default: Off ; ; Ignore GET parameters with names starting with whitespace. ; ;suhosin.get.disallow_ws = Off ; ; ; suhosin.post.max_array_depth ; ---------------------------- ; ; * Type: Integer ; * Default: 50 ; ; Defines the maximum depth an array variable may have, when registered through a ; POST request. ; ; Note: Array depth is not the number of elements within an array. ; ;suhosin.post.max_array_depth = 50 ; ; ; suhosin.post.max_array_index_length ; ----------------------------------- ; ; * Type: Integer ; * Default: 64 ; ; Defines the maximum length of array indices for variables registered through a ; POST request. ; ;suhosin.post.max_array_index_length = 64 ; ; ; suhosin.post.max_name_length ; ---------------------------- ; ; * Type: Integer ; * Default: 64 ; ; Defines the maximum length of variable names for variables registered through a ; POST request. For array variables this is the name in front of the indices. 
; ;suhosin.post.max_name_length = 64 ; ; ; suhosin.post.max_totalname_length ; --------------------------------- ; ; * Type: Integer ; * Default: 256 ; ; Defines the maximum length of the total variable name when registered through a ; POST request. For array variables this includes all indices. ; ;suhosin.post.max_totalname_length = 256 ; ; ; suhosin.post.max_value_length ; ----------------------------- ; ; * Type: Integer ; * Default: 1000000 ; ; Defines the maximum length of a variable that is registered through a POST ; request. ; ;suhosin.post.max_value_length = 1000000 ; ; ; suhosin.post.max_vars ; --------------------- ; ; * Type: Integer ; * Default: 1000 ; ; Defines the maximum number of variables that may be registered through a POST ; request. ; ;suhosin.post.max_vars = 1000 ; ; ; suhosin.post.disallow_nul ; ------------------------- ; ; * Type: Boolean ; * Default: On ; ; When set to On, NUL bytes (ASCIIZ string terminators) are not allowed in variables. ; ;suhosin.post.disallow_nul = On ; ; ; suhosin.post.disallow_ws ; ------------------------ ; ; * Type: Boolean ; * Default: Off ; ; Ignore POST parameters with names starting with whitespace. ; ;suhosin.post.disallow_ws = Off ; ; ; suhosin.request.array_index_blacklist ; ------------------------------------- ; ; * Type: String ; * Default: "'\"+<>;()" ; ; Defines a character blacklist for array indices not allowed in user input. ; ;suhosin.request.array_index_blacklist = "'\"+<>;()" ; ; ; suhosin.request.array_index_whitelist ; ------------------------------------- ; ; * Type: String ; * Default: ; ; * Example: "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" ; ; Defines a character whitelist for array indices allowed in user input. ; ; Note: This setting deactivates suhosin.request.array_index_blacklist. 
; ;suhosin.request.array_index_whitelist = ; ; ; suhosin.request.max_array_depth ; ------------------------------- ; ; * Type: Integer ; * Default: 50 ; ; Defines the maximum depth an array variable may have, when registered through ; GET, POST or COOKIE. This setting is also an upper limit for the separate GET, ; POST, COOKIE configuration directives. ; ; Note: Array depth is not the number of elements within an array. ; ;suhosin.request.max_array_depth = 50 ; ; ; suhosin.request.max_array_index_length ; -------------------------------------- ; ; * Type: Integer ; * Default: 64 ; ; Defines the maximum length of array indices for variables registered through ; GET, POST or COOKIE. This setting is also an upper limit for the separate GET, ; POST, COOKIE configuration directives. ; ;suhosin.request.max_array_index_length = 64 ; ; ; suhosin.request.max_totalname_length ; ------------------------------------ ; ; * Type: Integer ; * Default: 256 ; ; Defines the maximum length of variable names for variables registered through ; the COOKIE, the URL or through a POST request. This is the complete name ; string, including all indices. This setting is also an upper limit for the ; separate GET, POST, COOKIE configuration directives. ; ;suhosin.request.max_totalname_length = 256 ; ; ; suhosin.request.max_value_length ; -------------------------------- ; ; * Type: Integer ; * Default: 1000000 ; ; Defines the maximum length of a variable that is registered through the COOKIE, ; the URL or through a POST request. This setting is also an upper limit for the ; variable origin specific configuration directives. ; ;suhosin.request.max_value_length = 1000000 ; ; ; suhosin.request.max_vars ; ------------------------ ; ; * Type: Integer ; * Default: 1000 ; ; Defines the maximum number of variables that may be registered through the ; COOKIE, the URL or through a POST request. This setting is also an upper limit ; for the variable origin specific configuration directives. 
; ;suhosin.request.max_vars = 1000 ; ; ; suhosin.request.max_varname_length ; ---------------------------------- ; ; * Type: Integer ; * Default: 64 ; ; Defines the maximum name length (excluding possible array indices) of variables ; that may be registered through the COOKIE, the URL or through a POST request. ; This setting is also an upper limit for the variable origin specific ; configuration directives. ; ;suhosin.request.max_varname_length = 64 ; ; ; suhosin.request.disallow_nul ; ---------------------------- ; ; * Type: Boolean ; * Default: On ; ; When set to On, NUL bytes (ASCIIZ string terminators) are not allowed in variables. ; ;suhosin.request.disallow_nul = On ; ; ; suhosin.request.disallow_ws ; --------------------------- ; ; * Type: Boolean ; * Default: Off ; ; Ignore all variables with names starting with whitespace. ; ;suhosin.request.disallow_ws = Off ; ; ; suhosin.upload.max_uploads ; -------------------------- ; ; * Type: Integer ; * Default: 25 ; ; Defines the maximum number of files that may be uploaded with one request. ; ;suhosin.upload.max_uploads = 25 ; ; ; suhosin.upload.max_newlines ; --------------------------- ; ; * Type: Integer ; * Default: 100 ; ; Defines the maximum number of newlines in RFC 1867 MIME headers. ; (added with version 0.9.38) ; ;suhosin.upload.max_newlines = 100 ; ; ; suhosin.upload.disallow_elf ; --------------------------- ; ; * Type: Boolean ; * Default: On ; ; When set to On it is not possible to upload ELF executables. ; ;suhosin.upload.disallow_elf = On ; ; ; suhosin.upload.disallow_binary ; ------------------------------ ; ; * Type: Boolean ; * Default: Off ; ; When set to On it is not possible to upload binary files. ; ;suhosin.upload.disallow_binary = Off ; ; ; suhosin.upload.remove_binary ; ---------------------------- ; ; * Type: Boolean ; * Default: Off ; ; When set to On binary content is removed from the uploaded files. 
; ;suhosin.upload.remove_binary = Off ; ; ; suhosin.upload.allow_utf8 ; ------------------------- ; ; * Type: Boolean ; * Default: Off ; ; This is an experimental feature. This option allows UTF-8 along with ASCII when ; using `suhosin.upload.disallow_binary` or `suhosin.upload.remove_binary`. ; ;suhosin.upload.allow_utf8 = Off ; ; ; suhosin.upload.verification_script ; ---------------------------------- ; ; * Type: String ; * Default: ; ; This defines the full path to a verification script for uploaded files. The ; script gets the temporary filename supplied and has to decide if the upload is ; allowed. A possible application for this is to scan uploaded files for viruses. ; The called script has to write a 1 as first line to standard output to allow ; the upload. Any other value or no output at all will result in the file being ; deleted. ; ;suhosin.upload.verification_script = ; ; ; suhosin.session.max_id_length ; ----------------------------- ; ; * Type: Integer ; * Default: 128 ; ; Specifies the maximum length of the session identifier that is allowed. When a ; longer session identifier is passed a new session identifier will be created. ; This feature is important to fight buffer overflows in 3rd party session ; handlers. ; ;suhosin.session.max_id_length = 128 ; ; ; suhosin.server.encode ; --------------------- ; ; * Type: Boolean ; * Default: On ; ; Encode potentially dangerous characters in REQUEST_URI and QUERY_STRING with ; URL encoding. ; ;suhosin.server.encode = On ; ; ; suhosin.server.strip ; -------------------- ; ; * Type: Boolean ; * Default: On ; ; Replace potentially dangerous characters in PHP_SELF, PATH_INFO, ; PATH_TRANSLATED and HTTP_USER_AGENT with '?'. ; ;suhosin.server.strip = On ; ; ; suhosin.rand.seedingkey ; ----------------------- ; ; * Type: String ; * Default: ; ; This string is added to the entropy pool for seeding the random number ; generator. 
; ;suhosin.rand.seedingkey = ; ; ; suhosin.rand.reseed_every_request ; --------------------------------- ; ; * Type: Boolean ; * Default: Off ; ; Controls if automatic reseeding of rand() / mt_rand() is done for every new ; request. This will improve security but decrease performance. In case the system's ; entropy pool is exhausted, this flag may either significantly increase execution ; time or otherwise use less entropy (which is bad). ; ;suhosin.rand.reseed_every_request = Off ; ; ; suhosin.srand.ignore ; -------------------- ; ; * Type: Boolean ; * Default: On ; ; Flag that controls if calls to srand() are ignored in favour of Suhosin's own ; enhanced seeding - since 0.9.36 such calls trigger auto-reseeding. ; ;suhosin.srand.ignore = On ; ; ; suhosin.mt_srand.ignore ; ----------------------- ; ; * Type: Boolean ; * Default: On ; ; Flag that controls if calls to mt_srand() are ignored in favour of Suhosin's ; own enhanced seeding - since 0.9.36 such calls trigger auto-reseeding. ; ;suhosin.mt_srand.ignore = On ;