Msg#: 4418312 posted 9:10 am on Feb 17, 2012 (gmt 0)
Of course I don't want less security, but there are always things that are not that effective, unneeded or redundant, which is why I asked.
But implementation is being a bit problematic. The phpMyAdmin FAQ [phpmyadmin.net ] recommends changes to suhosin.ini
The default values for most Suhosin configuration options will work in most scenarios, however you might want to adjust at least following parameters:
suhosin.request.max_vars should be increased (eg. 2048) suhosin.post.max_vars should be increased (eg. 2048) suhosin.request.max_array_index_length should be increased (eg. 256) suhosin.post.max_array_index_length should be increased (eg. 256) suhosin.request.max_totalname_length should be increased (eg. 8192) suhosin.post.max_totalname_length should be increased (eg. 8192) suhosin.get.max_value_length should be increased (eg. 1024) suhosin.sql.bailout_on_error needs to be disabled (the default) suhosin.log.* should not include SQL, otherwise you get big slowdown
Most of these are straightforward, but the last is - as far as I can determine - undocumented or unclear. See [hardened-php.net ] The default suhosin.ini entry has no value
Looking at other suhosin.log settings and the suhosin config docs, I get the impression that to remove SQL from the logging, I should set the value to 16 or lower. But I can't find anything on Google or the phpadmin or suhosin sites to give that credibility.