Manual:Suhosin (Hardened-PHP Project patch and extension)

Jump to: navigation, search

Suhosin is a patch for the PHP code and, differently, an extension which hardens the PHP and aims to protect servers and users from known and unknown flaws in PHP. The Suhosin Hardened-PHP Project homepage is [1] .

The most common use is the dynamic linking of the Suhosin extension into PHP. Using the extension, you can for example in case of problems easily deactive the Suhosin extension in PHP by out-commenting the linking line in php.ini (shown below).

MediaWiki Extension[edit]

  • Extension:Suhosin can be used to adapt MediaWiki settings to the Suhosin extension's settings.

Suhosin extension settings for use with MediaWiki[edit]

When you downloaded and installed[2] the extension from , you should expressly set suhosin.get.max_value_length in your php.ini to a higher value (which overwrites the suhosin built-in default of 512), such as

suhosin.get.max_value_length = 2048
; comment out the following line if you want to run your PHP without Suhosin extension
; for example, if the extension makes trouble

and in your MediaWiki LocalSettings.php add a corresponding setting for $wgResourceLoaderMaxQueryLength[3]

$wgResourceLoaderMaxQueryLength = 2048;

or add this code, which dynamically adapts to the suhosin.get.max_value_length setting in php.ini but upper limited by your $wgResourceLoaderMaxQueryLength :

$wgResourceLoaderMaxQueryLength = 2048;

if ( extension_loaded( "suhosin" ) && ini_get( "suhosin.get.max_value_length" ) && ( !empty( $wgResourceLoaderMaxQueryLength ) ) ) {
  // suhosin is active, thus do something meaningful with ini_get( "suhosin.get.max_value_length" )
  $wgResourceLoaderMaxQueryLength = min( $wgResourceLoaderMaxQueryLength, ini_get( "suhosin.get.max_value_length" ) );
Warning Warning: It's reported that $wgResourceLoaderMaxQueryLength may not have effect (at least in MediaWiki 1.21), making JavaScripts (ResourceLoader) fail if suhosin.get.max_value_length is too low.
When installing MediaWiki, the MediaWiki installer will auto-detect what the current value of suhosin.get.max_value_length is, and set $wgResourceLoaderMaxQueryLength to an apropriate value in your LocalSettings.php file