eGroupWare

When I added about 250 users to a group in GOsa or in eGroupWare, I encountered the following problem with (open)SUSE 10.2, which I did not encounter with SUSE 10.0:

station7: suhosin[373]: ALERT - configured request variable limit exceeded - dropped variable \
'account_user[]' (attacker '172.16.130.9', file '/srv/www/htdocs/egroupware/index.php')

or:

station7: suhosin[371]: ALERT - configured request variable limit exceeded - dropped variable \
'users[]' (attacker '172.16.130.9', file '/srv/www/htdocs/gosa/html/main.php')
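To see which scripts and form fields are hitting the limit before changing any setting, alerts in the format shown above can be tallied per script. This is an added example, not part of the original page. The sample lines are constructed from the two alerts quoted here, and the function names are hypothetical. Suhosin's `attacker` field is simply the address of the requesting client.

```python
import re
from collections import Counter, defaultdict

# Alert layout as quoted on this page (any syslog prefix before "suhosin[" is ignored).
ALERT_RE = re.compile(
    r"suhosin\[(?P<pid>\d+)\]: ALERT - (?P<reason>.+?) - dropped variable "
    r"'(?P<var>[^']*)' \(attacker '(?P<client>[^']*)', file '(?P<file>[^']*)'\)"
)

# Constructed sample: the page's two alerts joined onto one line each,
# one repeated drop, and one unrelated line that must be ignored.
SAMPLE_LOG = [
    "station7: suhosin[373]: ALERT - configured request variable limit exceeded - "
    "dropped variable 'account_user[]' (attacker '172.16.130.9', "
    "file '/srv/www/htdocs/egroupware/index.php')",
    "station7: suhosin[373]: ALERT - configured request variable limit exceeded - "
    "dropped variable 'account_user[]' (attacker '172.16.130.9', "
    "file '/srv/www/htdocs/egroupware/index.php')",
    "station7: suhosin[371]: ALERT - configured request variable limit exceeded - "
    "dropped variable 'users[]' (attacker '172.16.130.9', "
    "file '/srv/www/htdocs/gosa/html/main.php')",
    "station7: cron[412]: constructed unrelated line",
]

def parse_alert(line):
    """Return the alert fields as a dict, or None if the line is not a drop alert."""
    m = ALERT_RE.search(line)
    return m.groupdict() if m else None

def summarize(lines):
    """Count variable-limit drops per (script, variable, client)."""
    counts = Counter()
    for line in lines:
        alert = parse_alert(line)
        if alert and "variable limit exceeded" in alert["reason"]:
            counts[(alert["file"], alert["var"], alert["client"])] += 1
    return counts

def affected_scripts(lines):
    """Map each script to the sorted form-field names Suhosin dropped for it."""
    fields = defaultdict(set)
    for script, var, _client in summarize(lines):
        fields[script].add(var)
    return {script: sorted(names) for script, names in fields.items()}

if __name__ == "__main__":
    for (script, var, client), n in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{n:3d}  {script}  {var}  from {client}")
```

The scripts it lists are the ones whose `<Directory>` block needs a higher limit; everything else can keep the stricter defaults.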

After a while of research, I found the reason for this problem: the PHP5 packages of SUSE 10.2 were hardened with the Suhosin Extension 0.9.10. And the defaults were way too small for my needs …
The defaults were:

suhosin.get.max_vars 100
suhosin.post.max_vars 200
suhosin.request.max_vars 200

So I set higher parameters:

/etc/apache2/conf.d/egroupware.conf:

# Apache and PHP configuration for eGroupWare
#
# Read /usr/share/doc/egroupware-core/phpgwapi/php-configuration.txt and
# /etc/php4/apache/php.ini about the meanings and suggested values for
# the configuration settings.  Many settings are required to have a
# certain value for eGroupWare to function reasonably, so only change
# something if you are sure.

Alias /egroupware /srv/www/htdocs/egroupware

<Directory /srv/www/htdocs/egroupware/>
  Options FollowSymLinks ExecCGI
  AllowOverride None
  Order allow,deny
  Allow from all
  DirectoryIndex index.html index.php
  AddHandler cgi-script .cgi
  AddDefaultCharset Off
  #--- php-settings - overriding /etc/php5/apache2/php.ini !!! ---#
  php_flag magic_quotes_runtime Off
  php_flag register_globals Off
  php_value memory_limit 64M
  php_value max_execution_time 90
  php_flag file_uploads On
  php_value upload_max_filesize 6M
  php_value include_path .:/usr/share/php5/PEAR:/usr/share/php5
  php_value mbstring.func_overload 7
  php_flag magic_quotes_gpc Off
  php_value session.save_path /var/lib/egroupware/sessions
  php_value open_basedir /srv/www/htdocs/egroupware:/var/lib/egroupware:/tmp
  #--
  php_flag log_errors On
  php_flag short_open_tag On
  php_flag track_vars On
  php_value error_reporting 'E_ALL & ~E_NOTICE'
  php_value session.gc_maxlifetime 1440
  #-- php-suhosin-settings - overriding /etc/php5/conf.d/suhosin.ini !!! --#
  php_flag suhosin.cookie.encrypt On
  php_value suhosin.get.max_vars 1000
  #php_value suhosin.post.max_array_index_length 1000
  #php_value suhosin.post.max_totalname_length 1000
  php_value suhosin.post.max_vars 1000
  #php_value suhosin.request.max_totalname_length 1000
  #php_value suhosin.request.max_array_depth 1000
  php_value suhosin.request.max_vars 1000

  <Files ~ "\.inc\.php$">
    Order allow,deny
    Deny from all
  </Files>
</Directory>

<Directory /srv/www/htdocs/egroupware/fudforum/>
  AllowOverride Limit Options
</Directory>

<Directory /srv/www/htdocs/egroupware/phpsysinfo/>
  php_value open_basedir /
</Directory>

<Location /egroupware/icalsrv.php>
    Script PUT /srv/www/htdocs/egroupware/icalsrv.php
    AddHandler ical/ics .ics
    Action ical/ics /srv/www/htdocs/egroupware/icalsrv.php
    Order allow,deny
    Allow from all
</Location>

<Location /egroupware/rpc.php>
    php_value mbstring.func_overload 0
    Order allow,deny
    Allow from all
</Location>

Asynchronous service

Don't forget to also increase memory_limit and max_execution_time in /etc/php5/cli/php.ini if you dare to run the asynchronous service …

/etc/php5/cli/php.ini:

memory_limit = 64M
max_execution_time = 90


GOsa

/etc/apache2/conf.d/gosa.conf:

# Set alias to gosa
Alias /gosa /srv/www/htdocs/gosa/html

<Directory /srv/www/htdocs/gosa/>
  Options FollowSymLinks ExecCGI
  AllowOverride None
  Order allow,deny
  Allow from all
  DirectoryIndex index.htm index.php
  AddHandler cgi-script .cgi
  AddDefaultCharset Off
  #--- php-settings - overriding /etc/php5/apache2/php.ini !!! ---#
  # php_flag is only for On/Off settings; sizes, paths and numbers need php_value
  php_flag zend.ze1_compatibility_mode Off
  php_flag allow_call_time_pass_reference On
  php_value memory_limit 64M
  php_flag register_long_arrays On
  php_value include_path .:/usr/share/php5:/usr/share/php5/PEAR
  php_value upload_max_filesize 10M
  php_value mbstring.func_overload 7
  #--
  #php_flag  magic_quotes_runtime Off
  #php_flag register_globals Off
  #php_value memory_limit 64M
  #php_value max_execution_time 90
  #php_flag file_uploads On
  #php_value upload_max_filesize 6M
  #php_value include_path .:/usr/share/php5/PEAR:/usr/share/php5
  #php_value mbstring.func_overload 7
  #php_flag magic_quotes_gpc Off
  #php_value session.save_path /var/lib/egroupware/sessions
  #php_value open_basedir /srv/www/htdocs/egroupware:/var/lib/egroupware:/tmp
  #php_flag log_errors On
  #php_flag short_open_tag On
  #php_flag track_vars On
  #php_value error_reporting 'E_ALL & ~E_NOTICE'
  #php_value session.gc_maxlifetime 1440
  #-- php-suhosin-settings - overriding /etc/php5/conf.d/suhosin.ini !!! --#
  php_flag suhosin.cookie.encrypt On
  php_value suhosin.get.max_vars 1000
  #php_value suhosin.post.max_array_index_length 1000
  #php_value suhosin.post.max_totalname_length 1000
  php_value suhosin.post.max_vars 1000
  #php_value suhosin.request.max_totalname_length 1000
  #php_value suhosin.request.max_array_depth 1000
  php_value suhosin.request.max_vars 1000
</Directory>


  • Last modified: 2010-12-27 16:20
  • by 127.0.0.1