4 replies to this topic

[elangley]

Hello All,

 

I am experiencing Apache hanging on our server requiring a restart. In checking the Event Log there are a log of these entries;

 suhosin[3172]: ALERT - script tried to increase memory_limit to 268435456 bytes which is above the allowed value (attacker '220.181.108.176', file ...\public_html\path\wp-content\themes\pagelines\includes\library.pagelines.php(4) : runtime-created function', line 1)

 

Is this some type of attack?

 

~eric

[Rob]

Eric,

 

I'd not wait but rush to ask your host to check the logs.  It does seem to be some kind of attack coming from another IP.   That IP 220.181.108.176 is in China. 

 

There have been many such attacks lately. Most are DOS (Denial Of Service) and intent on hurting your server.  You will need to address this with the host as it's not a PageLines issue.

[Simon_P]

The Framework attempt to set the memory to the wordpress maximum which by default is 256M, it does this for css compiling only.

Wordpress will also set this limit during a core upgrade, we use the same function.

Anyway, your server has suhosin installed, which is for 'hardening' PHP, and it is blocking this from working.

As Rob mentioned you need to contact your host.

[elangley]

Simon, thanks for the reply. I am self hosted so I will be dealing with this.As an FYI I am running Zpanel, which installs and configures Apache (and suhosin).

 

So if I understand this correctly there is some issue with what Pagelines is trying to do and the default security configuration of the web server. 

 

To resolve it will involve either modify or disabling suhosin or modifying the way this aspect of Pagelines works. 

 

Pagelines, what is your position on this security related issue?

 

~eric

[Simon_P]

Eric it isnt a security related issue, suhosin is set to block php scripts raising the memory limit. So its a setting in the suhosin config.