Hi all, In case y'all haven't heard, there's this mega-evil hash table DDoS domesday thing? Right. The NY PHP list pointed out that the problem can be handled deftly on PHP servers by using the Suhosin extension (not the patch) with the suhosin.request.max_vars setting (default should work). http://www.hardened-php.net/suhosin/ More on this issue: http://seclists.org/fulldisclosure/2011/Dec/486 -- Yitzchak Schaffer Systems Manager Touro College Libraries 212.742.8770 ext. 2432 http://www.tourolib.org/