New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
setting memory_limit above allowed value results in false attacker identification #10396
Comments
Good find. Thank you for creating the issue 👍 |
Hi @robertharm it's trying to set the memory to 768M not 8GB. This value comes from the
Piwik reads the memory_limit value and will try to set it to at least 768M while archiving, if the current memory limit value is less. If you don't need 768M minimum then you can override in your config/config.ini.php such as:
maybe we could create a FAQ but I think this is an edge case so I'm closing the issue for now. cheers |
I think this is a bug. Piwik should not try to allocate more memory than configured in |
the reason we need this code in Piwik is that, by default many of our users' PHP configuration does not have enough memory allocated (since Piwik archiving is especially memory hungry). the code makes Piwik more user friendly and less likely to fail at random times. We used to have this problem often and people had to change their PHP config which they cannot always easily do. it's an edge case because this error is only triggered when the Suhosin php extension is used. I think less people are using this extension compared to before. btw just found that WP does a similar thing and they like us have a configurable setting to change the memory limit that WP will try to allocate. |
I understand why it's done but it should still not trigger warnings. A solution could be to check whether suhosin is installed etc |
Within the PHP error logs I see a lot of the following alerts :
ALERT - script tried to increase memory_limit to 805306368 bytes which is above the allowed value (attacker 'xx.xx.xx.xx', file '/piwik/core/SettingsServer.php', line 183
It would be great if Piwik would first try to get the allowed memory_limit before trying to set it to 8GB, resulting in unnecessary security alerts.
The text was updated successfully, but these errors were encountered: