Suhosin compatibility

Fred
18 April 2016, 18:03
Hi Hugo,

Is Hiawatha compatible with Suhosin?
Fred
18 April 2016, 22:52
Hi Hugo,

This is my error log file, and 10.8.20.14 is the Hiawatha reverse proxy server:
Apr 18 21:34:59 softfloor-outlet suhosin[80907]: ALERT - configured GET variable value length limit exceeded - dropped variable 'load[]' (attacker '10.8.20.14', file '/www//httpdocs/wp-admin/load-scripts.php')
Apr 18 21:34:59 softfloor-outlet suhosin[80907]: ALERT - dropped 4 request variables - (4 in GET, 0 in POST, 0 in COOKIE) (attacker '10.8.20.14', file '/www//httpdocs/wp-admin/load-scripts.php')
Apr 18 21:35:09 softfloor-outlet suhosin[80907]: ALERT - script tried to increase memory_limit to 134217728 bytes which is above the allowed value (attacker '10.8.20.14', file '/www//httpdocs/httpdocs/wp-includes/default-constants.php', line 47)
Apr 18 21:35:10 softfloor-outlet suhosin[80907]: ALERT - script tried to increase memory_limit to 268435456 bytes which is above the allowed value (attacker '10.8.20.14', file '/www//httpdocs/httpdocs/wp-admin/admin.php', line 155)

Could you please help to stop the proxy from being treated as an attacker?

Thank you
Hugo Leisink
19 April 2016, 10:22
Suhosin is a patch for PHP. Hiawatha and PHP are not the same.

Use the HideProxy option, after applying this patch.
Fred
19 April 2016, 20:02
Hi Hugo,

I applied the patch and when I set HideProxy on the second webserver, all I get is a blank page.
No error message in the logs.
You can see my patch here:
https://www.hiawatha-webserver.org/forum/topic/2241
Fred
19 April 2016, 21:57
Hugo,
Is there a way to verify if the patch has been applied correctly?
Hugo Leisink
21 April 2016, 14:35
Yes. If it works, then the patch was applied correctly.
Fred
24 April 2016, 23:13
Hi Hugo,
I've got a bug report on FreeBSD
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=208973
I have reinstalled Hiawatha from scratch via the port tree and enabled HideProxy = 10.8.20.xx, and I can now see the real IP.
So if anyone else asks (FreeBSD).. you know what to tell them.
Hugo Leisink
24 April 2016, 23:38
Great!
This topic has been closed.