use of phpmyadmin crashes the ispconfig server
What have I done? I've only tried to edit a table with phpmyadmin. It doesn't belong to a special table. I noticed it with several tables. Even if nothing was changed, after using the save button sshd breaks the connection, apache disappears and other daemons too.
Have you ever noticed things like that?
Could it be a faulty phpmyadmin version?
I'm using phpMyAdmin - 2.11.8.1deb5+lenny1
Mark_NL
7th July 2009, 17:47
i think it's because of the suhosin plugin that comes default with php5. when you log on phpmyadmin, look on the bottom of the right pane, there should be a notice about it (with a link to what you should change)
The only things I see in the right column on the start page are:
phpMyAdmin - 2.11.8.1deb5+lenny1
* MySQL-Client-Version: 5.0.51a
* Verwandte php-Erweiterungen: mysql
* Sprache - Language Info:
* Oberflächendesign:
* Schriftgröße:
* phpMyAdmin-Dokumentation
* phpMyAdmin Wiki
* Offizielle phpMyAdmin-Homepage
* [ChangeLog] [Subversion] [Lists]
Mark_NL
8th July 2009, 15:15
goto /etc/php5/apache2/conf.d/
do you have a file called suhosin.ini in it?
if so, check these values:
suhosin.sql.bailout_on_error = off
suhosin.request.max_vars = 400
suhosin.request.max_totalname_length = 512
suhosin.request.max_array_index_length = 128
suhosin.post.max_vars = 400
suhosin.post.max_totalname_length = 512
suhosin.post.max_array_index_length = 128
(i've used these values for testing purposes and they seem to work, they probably could be better fine-tuned .. ah well it works ;-)
locate suhosin.ini shows no suhosin.ini at all. Is that default in ISPConfig for debian lenny?
locate php.ini shows
h1:/etc/php5# locate php.ini
/etc/php5/apache2/php.ini
/etc/php5/cgi/php.ini
/etc/php5/cli/php.ini
/usr/share/doc/php5-common/examples/php.ini-dist
/usr/share/doc/php5-common/examples/php.ini-paranoid
/usr/share/doc/php5-common/examples/php.ini-recommended
/usr/share/php5/php.ini-dist
/usr/share/php5/php.ini-dist.cli
I'm not even sure about the concept of the different php versions of ISPC3 like fast-cgi, php, suphp and where to configure it differently?
Mark_NL
9th July 2009, 10:44
Hmm, then i guess you don't have suhosin installed (it does come default with php5 lenny)
phpinfo(); can tell you if it's loaded as well.
(the reason why i'm focussing on suhosin, is because i had the same problem, but changing those suhosin settings fixed it :))
Suhosin is included:
This server is protected with the Suhosin Patch 0.9.6.2
Copyright (c) 2006 Hardened-PHP Project
But I don't see the suhosin directives with phpinfo()
1. What is the default in ISPConfig3? Have any php or suhosin files been copied or edited? In my old php.ini the suhosin directives are in the php.ini. Should it be different, in two files php.ini and suhosin.ini?
2. How to use and where to configure the different php options which come with ISPConfig3?
It should be possible to edit php-fcgi, mod-php etc. one by one and even differently for every website. But where and how to configure? What is the ISPConfig3 concept for that?
3. Has somebody else noticed a server crash after using phpmyadmin? I can reproduce it, but the environment isn't unusual so I think I should not be the only one who can crash the whole server by editing a table with phpmyadmin.
h1:~# uname -a
Linux h1.adx.de 2.6.18-028stab060.8 #1 SMP Mon Feb 9 20:25:36 MSK 2009 i686 GNU/Linux
MySQL-Datenbank 5.0.51a
PHP 5.2.9-0.dotdeb.2
Debian Lenny on Virtuozzo
Mark_NL
10th July 2009, 14:26
1. Your suhosin settings are default (on a debian lenny with ispconfig 3 installation): /etc/php5/apache2/conf.d/suhosin.ini
2. I _think_ it's done through the apache directive textarea per website. (but i'm not sure)
3. Well i've never had the problem of crashing the complete server when editing a table in phpmyadmin :(
1. Your suhosin settings are default (on a debian lenny with ispconfig 3 installation): /etc/php5/apache2/conf.d/suhosin.ini
...
You mean default is that there should be a suhosin.ini file? But why do I have no suhosin.ini at all as default? Could you post your default suhosin.ini?
Mark_NL
10th July 2009, 15:18
mark@hosting03:/etc/php5/apache2/conf.d$ cat suhosin.ini
; configuration for php suhosin module
extension=suhosin.so
;;;;;;;;;;;;;;;;;;;
; Module Settings ;
;;;;;;;;;;;;;;;;;;;
; the following values are the internal default settings and set implicit
; feel free to modify to your needs
[suhosin]
; Logging Configuration
;suhosin.log.syslog.facility = 9
;suhosin.log.syslog.priority = 1
;suhosin.log.script = 0
;suhosin.log.phpscript = 0
;suhosin.log.script.name =
;suhosin.log.phpscript.name =
;suhosin.log.use-x-forwarded-for = off
; Executor Options
;suhosin.executor.max_depth = 0
;suhosin.executor.include.max_traversal = 0
;suhosin.executor.include.whitelist =
;suhosin.executor.include.blacklist =
;suhosin.executor.func.whitelist =
;suhosin.executor.func.blacklist =
;suhosin.executor.eval.whitelist =
;suhosin.executor.eval.blacklist =
;suhosin.executor.disable_emodifier = off
;suhosin.executor.allow_symlink = off
; Misc Options
;suhosin.simulation = off
;suhosin.apc_bug_workaround = off
suhosin.sql.bailout_on_error = off
;suhosin.sql.user_prefix =
;suhosin.sql.user_postfix =
;suhosin.multiheader = off
;suhosin.mail.protect = 0
;suhosin.memory_limit = 0
; Transparent Encryption Options
;suhosin.session.encrypt = on
;suhosin.session.cryptkey =
;suhosin.session.cryptua = on
;suhosin.session.cryptdocroot = on
;suhosin.session.cryptraddr = 0
;suhosin.session.checkraddr = 0
;suhosin.cookie.encrypt = on
;suhosin.cookie.cryptkey =
;suhosin.cookie.cryptua = on
;suhosin.cookie.cryptdocroot = on
;suhosin.cookie.cryptraddr = 0
;suhosin.cookie.checkraddr = 0
;suhosin.cookie.cryptlist =
;suhosin.cookie.plainlist =
; Filtering Options
;suhosin.filter.action =
;suhosin.cookie.max_array_depth = 100
;suhosin.cookie.max_array_index_length = 64
;suhosin.cookie.max_name_length = 64
;suhosin.cookie.max_totalname_length = 256
;suhosin.cookie.max_value_length = 10000
;suhosin.cookie.max_vars = 100
;suhosin.cookie.disallow_nul = on
;suhosin.get.max_array_depth = 50
;suhosin.get.max_array_index_length = 64
;suhosin.get.max_name_length = 64
;suhosin.get.max_totalname_length = 256
;suhosin.get.max_value_length = 512
;suhosin.get.max_vars = 100
;suhosin.get.disallow_nul = on
;suhosin.post.max_array_depth = 100
suhosin.post.max_array_index_length = 128
;suhosin.post.max_name_length = 64
suhosin.post.max_totalname_length = 512
;suhosin.post.max_value_length = 65000
suhosin.post.max_vars = 400
;suhosin.post.disallow_nul = on
;suhosin.request.max_array_depth = 100
suhosin.request.max_array_index_length = 128
suhosin.request.max_totalname_length = 512
;suhosin.request.max_value_length = 65000
suhosin.request.max_vars = 400
;suhosin.request.max_varname_length = 64
;suhosin.request.disallow_nul = on
;suhosin.upload.max_uploads = 25
;suhosin.upload.disallow_elf = on
;suhosin.upload.disallow_binary = off
;suhosin.upload.remove_binary = off
;suhosin.upload.verification_script =
;suhosin.session.max_id_length = 128
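Added example, not part of the thread or of any poster's setup: a shell check that reads a suhosin.ini like the one posted above and reports, for each directive Mark_NL listed, whether the file sets the posted value, sets something else, or leaves it commented out so the built-in default applies. The function names, `THREAD_VALUES` and the sample file are constructed for illustration, and the check assumes a later assignment in the same file overrides an earlier one.

```shell
#!/bin/sh
# Added example (not from the thread): which posted suhosin values are in effect?
THREAD_VALUES='suhosin.sql.bailout_on_error=off
suhosin.request.max_vars=400
suhosin.request.max_totalname_length=512
suhosin.request.max_array_index_length=128
suhosin.post.max_vars=400
suhosin.post.max_totalname_length=512
suhosin.post.max_array_index_length=128'

# effective_value FILE KEY: print the last uncommented value of KEY.
# Returns 1 when KEY is missing or only present as a ';' comment.
effective_value() {
    awk -v key="$2" '
        /^[ \t]*;/ { next }                      # commented out: default applies
        {
            eq = index($0, "="); if (eq == 0) next   # section headers etc.
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/[ \t\r]/, "", k)
            sub(/[ \t]*;.*$/, "", v); gsub(/^[ \t]+|[ \t\r]+$/, "", v)
            if (k == key) { val = v; found = 1 }     # later assignment wins
        }
        END { if (!found) exit 1; print val }' "$1"
}

# audit_suhosin_ini FILE: prints "<key> <state> <value>" per directive;
# state is match, differs, or unset (built-in default applies).
audit_suhosin_ini() {
    printf '%s\n' "$THREAD_VALUES" | while IFS='=' read -r key want; do
        if got=$(effective_value "$1" "$key"); then
            [ "$got" = "$want" ] && state=match || state=differs
        else
            state=unset; got=-
        fi
        printf '%s %s %s\n' "$key" "$state" "$got"
    done
}

# Constructed sample input, not a real server's file.
write_sample_ini() {
    cat > "$1" <<'EOF'
extension=suhosin.so
[suhosin]
suhosin.sql.bailout_on_error = off
;suhosin.post.max_vars = 400
suhosin.request.max_vars = 200
suhosin.request.max_vars = 400 ; raised for phpMyAdmin
suhosin.post.max_totalname_length = 256
EOF
}
sample=$(mktemp) && write_sample_ini "$sample" && audit_suhosin_ini "$sample"; rm -f "$sample"
```

Run `audit_suhosin_ini` once per SAPI directory (apache2, cgi, cli), since each has its own php.ini and conf.d.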
I'm still wondering about this log:
PHP Startup: Unable to load dynamic library '/usr/lib/php5/20060613+lfs/suhosin.so'
I've not installed the suhosin extension. But do I have to do it or could I leave it? I mean is the missing suhosin really an error that crashes the server?
aqua
11th July 2009, 12:35
Just an idea - check to see what version of phpmyadmin you are running, because an exploit was released for it and lots of people have been using it. I myself was affected, and it shut down my ispconfig control panel. Other services were not affected though.