On my last post I was uploading some images to include in the post using WordPress. I noticed in my error logs that while resizing the images the PHP script attempts to raise the memory limit.
Feb 26 22:52:29 host suhosin[9636]: ALERT - script tried to increase memory_limit to 268435456 bytes which is above the allowed value (attacker 'XXX.XXX.XXX.XXX', file '/var/www/wordpress/wp-admin/includes/image.php', line 161)
This is fair enough and is a good idea for security and to stop your server getting overloaded by a single script. So I looked into how to fix this and its a very simple process.
You need to edit your suhosin config. I am doing this under Ubuntu 9.04 mine is located ‘/etc/php5/apache2/conf.d/suhosin.ini’. To fix it for WordPress just add the setting `suhosin.memory_limit` to the config file with the appropriate value in the case of WordPress it needs to be set to 256.
Your config should end up looking like this
extension=suhosin.so [suhosin] suhosin.memory_limit = 256M
that is it really very simple. I am going to have a bit of a tweak with suhosin config later I think the default config can be improved a lot.
Hey, aren’t you missing the M at the end of suhosin.memory_limit = 256?
Yes your correct. I’ve updated the post, thanks for pointing it out.
Hi, thanks for putting this up; my server just freaked out with a cpu spiked at 100% for an hour… apparently (or AFAIK at the moment) this is related to this so I’ll try your tip and see if it resolves my problem even though I can’t be sure as everything now seems to be okay after a reboot.
However, you’ve misspelled the config filename as ‘/etc/php5/apache2/conf.d/suhosin.in’ whereas the actual file name is suhosin.ini.
Cheers,
Håkan
Thanks for pointing out the error Håkan I have corrected it. I hope your problem is now solved.
On Debian 6 squeeze, the file is /etc/php5/conf.d/suhosin.ini
[…] Jediné, co mě zatím z dostupné konfigurace napadlo je potenciální problém s instalovaným Suhosinem. Zkuste projít jeho konfiguraci, zda tam není nějaké další omezené paměti, podrobnosti viz např. tento článek […]
As a webhost I gotta say just giving your script more memory is a bad idea unless you have your own server. Think about it, 256 megs allocated for 1 website on a shared host is just not realistic. WordPress should manage its memory requirements much better, don’t you think?