PHP5 configuration for GOsa and eGroupWare
eGroupWare
When I added about 250 users to a group in GOsa or in eGroupWare, I encountered the following problem with (open)SUSE 10.2, which I did not encounter with SUSE 10.0: 
station7: suhosin[373]: ALERT - configured request variable limit exceeded - dropped variable \ 'account_user[]' (attacker '172.16.130.9', file '/srv/www/htdocs/egroupware/index.php')
or:
station7: suhosin[371]: ALERT - configured request variable limit exceeded - dropped variable \ 'users[]' (attacker '172.16.130.9', file '/srv/www/htdocs/gosa/html/main.php')
After a while of research, I found the reason for this problem: the PHP5-packages of SUSE 10.2 were hardened with the Suhosin Extension 0.9.10. And the defaults were way to small for my needs …
The defaults were:
suhosin.get.max_vars 100 suhosin.post.max_vars 200 suhosin.request.max_vars 200
So I set higher parameters: 
/etc/apache2/conf.d/egroupware.conf:
# Apache and PHP configuration for eGroupWare
#
# Read /usr/share/doc/egroupware-core/phpgwapi/php-configuration.txt and
# /etc/php4/apache/php.ini about the meanings and suggested values for
# the configuration settings.  Many settings are required to have a
# certain value for eGroupWare to function reasonably, so only change
# something if you are sure.
Alias /egroupware /srv/www/htdocs/egroupware
<Directory /srv/www/htdocs/egroupware/>
  Options FollowSymLinks ExecCGI
  AllowOverride None
  Order allow,deny
  Allow from all
  DirectoryIndex index.html index.php
  AddHandler cgi-script .cgi
  AddDefaultCharset Off
  #--- php-settings - overriding /etc/php5/apache2/php.ini !!! ---#
  php_flag  magic_quotes_runtime Off
  php_flag register_globals Off
  php_value memory_limit 64M
  php_value max_execution_time 90
  php_flag file_uploads On
  php_value upload_max_filesize 6M
  php_value include_path .:/usr/share/php5/PEAR:/usr/share/php5
  php_value mbstring.func_overload 7
  php_flag magic_quotes_gpc Off
  php_value session.save_path /var/lib/egroupware/sessions
  php_value open_basedir /srv/www/htdocs/egroupware:/var/lib/egroupware:/tmp
  #--
  php_flag log_errors On
  php_flag short_open_tag On
  php_flag track_vars On
  php_value error_reporting 'E_ALL & ~E_NOTICE'
  php_value session.gc_maxlifetime 1440
  #-- php-suhosin-settings - overriding /etc/php5/conf.d/suhosin.ini !!! --#
  php_value suhosin.cookie.encrypt On
  php_value suhosin.get.max_vars 1000
  #php_value suhosin.post.max_array_index_length 1000
  #php_value suhosin.post.max_totalname_length 1000
  php_value suhosin.post.max_vars 1000
  #php_value suhosin.request.max_totalname_length 1000
  #php_value suhosin.request.max_array_depth 1000
  php_value suhosin.request.max_vars 1000
  <Files ~ "\.inc\.php$">
    Order allow,deny
    Deny from all
  </Files>
</Directory>
<Directory /srv/www/htdocs/egroupware/fudforum/>
  AllowOverride Limit Options
</Directory>
<Directory /srv/www/htdocs/egroupware/phpsysinfo/>
  php_value open_basedir /
</Directory>
<Location /egroupware/icalsrv.php>
    Script PUT /srv/www/htdocs/egroupware/icalsrv.php
    AddHandler ical/ics .ics
    Action ical/ics /srv/www/htdocs/egroupware/icalsrv.php
    Order allow,deny
    Allow from all
</Location>
<Location /egroupware/rpc.php>
    php_value mbstring.func_overload 0
    Order allow,deny
    Allow from all
</Location>
asynchronous Service (asynchroner Dienst)
Don't forget to increase also the memory_limit and the max_execution_time in /etc/php5/cli/php.ini, if you dare to run the asynchronous service …
/etc/php5/cli/php.ini:
memory_limit = 64M; max_execution_time = 90;
GOsa
/etc/apache2/conf.d/gosa.conf:
# Set alias to gosa Alias /gosa /srv/www/htdocs/gosa/html <Directory /srv/www/htdocs/gosa/> Options FollowSymLinks ExecCGI AllowOverride None Order allow,deny Allow from all DirectoryIndex index.htm index.php AddHandler cgi-script .cgi AddDefaultCharset Off #--- php-settings - overriding /etc/php5/apache2/php.ini !!! ---# php_flag zend.ze1_compatibility_mode Off php_flag allow_call_time_pass_reference On php_flag memory_limit 64M php_flag register_long_arrays On php_flag include_path .:/usr/share/php5:/usr/share/php5/PEAR php_flag upload_max_filesize 10M php_flag mbstring.func_overload 7 #-- #php_flag magic_quotes_runtime Off #php_flag register_globals Off #php_value memory_limit 64M #php_value max_execution_time 90 #php_flag file_uploads On #php_value upload_max_filesize 6M #php_value include_path .:/usr/share/php5/PEAR:/usr/share/php5 #php_value mbstring.func_overload 7 #php_flag magic_quotes_gpc Off #php_value session.save_path /var/lib/egroupware/sessions #php_value open_basedir /srv/www/htdocs/egroupware:/var/lib/egroupware:/tmp #php_flag log_errors On #php_flag short_open_tag On #php_flag track_vars On #php_value error_reporting 'E_ALL & ~E_NOTICE' #php_value session.gc_maxlifetime 1440 #-- php-suhosin-settings - overriding /etc/php5/conf.d/suhosin.ini !!! --# php_value suhosin.cookie.encrypt On php_value suhosin.get.max_vars 1000 #php_value suhosin.post.max_array_index_length 1000 #php_value suhosin.post.max_totalname_length 1000 php_value suhosin.post.max_vars 1000 #php_value suhosin.request.max_totalname_length 1000 #php_value suhosin.request.max_array_depth 1000 php_value suhosin.request.max_vars 1000 </Directory>
← index