php suhosin alerts

Developer https://www.devze.com 2023-03-26 14:27 Source: the web
I use suhosin. I get the following alerts.

ALERT-SIMULATION - tried to register forbidden variable '_REQUEST' through GET variables (attacker

ALERT-SIMULATION - tried to register forbidden variable '_REQUEST[option]' through GET variables (attacker

ALERT-SIMULATION - tried to register forbidden variable '_REQUEST[Itemid]' through GET variables (attacker

ALERT-SIMULATION - tried to register forbidden variable 'GLOBALS' through GET variables (attacker

Are they real attackers? If not, how do I set the suhosin configuration to ignore these alerts?


Those are not necessarily "attacks," but rather tests/prodding of your site to determine if they (the potential attacker) can inject code through register_globals being enabled.

The URIs used to produce those errors are as follows:

http://www.example.com/index.php?_REQUEST=someValue
http://www.example.com/index.php?_REQUEST[option]=someValue
http://www.example.com/index.php?_REQUEST[ItemId]=someValue
http://www.example.com/index.php?GLOBALS=someValue

Do you have register_globals set to on?

That IP traces to ATL: http://www.ip-adress.com/ip_tracer/


Getting this error repeatedly ... spamming my syslog

3 22:32:01 REDACTED SERVER NAME suhosin[16290]: ALERT-SIMULATION - Include filename ('phar:///REDACTED/lib/cron.phar/Cron/CronExpression.php') is an URL that is not allowed (attacker '127.0.0.1', file 'REDACTED/lib/cron.phar', line 12)

... but register_globals are definitely off ... so what's the issue?
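
An added example (not part of the original thread): a small Python triage script that parses suhosin syslog lines of the kind quoted above and separates remote attempts to set superglobals through request variables from include alerts raised by the application's own local code. The sample log lines, host name, IP addresses, paths and classification labels are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample syslog lines (documentation IPs, made-up paths), modeled on the alerts quoted above.
SAMPLE_LOG = """\
Mar  3 22:31:58 web1 suhosin[16290]: ALERT-SIMULATION - tried to register forbidden variable '_REQUEST' through GET variables (attacker '203.0.113.7', file '/var/www/index.php')
Mar  3 22:31:59 web1 suhosin[16290]: ALERT-SIMULATION - tried to register forbidden variable '_REQUEST[option]' through GET variables (attacker '203.0.113.7', file '/var/www/index.php')
Mar  3 22:32:00 web1 suhosin[16290]: ALERT-SIMULATION - tried to register forbidden variable 'GLOBALS' through GET variables (attacker '198.51.100.23', file '/var/www/index.php')
Mar  3 22:32:01 web1 suhosin[16290]: ALERT-SIMULATION - Include filename ('phar:///srv/app/lib/cron.phar/Cron/CronExpression.php') is an URL that is not allowed (attacker '127.0.0.1', file '/srv/app/lib/cron.phar', line 12)
"""

# Envelope: optional -SIMULATION suffix, free-text message, then the (attacker ..., file ...) trailer.
ALERT = re.compile(
    r"suhosin\[\d+\]: ALERT(?P<sim>-SIMULATION)? - (?P<msg>.*) "
    r"\(attacker '(?P<ip>[^']*)', file '(?P<file>[^']*)'(?:, line (?P<line>\d+))?\)\s*$")
# Base variable name only: '_REQUEST[option]' is reported as '_REQUEST'.
FORBIDDEN = re.compile(
    r"tried to register forbidden variable '(?P<var>[^'\[]+)(?:\[[^']*)?' through (?P<src>\w+) variables")
INCLUDE = re.compile(r"Include filename \('(?P<scheme>[a-z0-9.+-]+)://")

def parse(line):
    """Return a dict describing one suhosin alert, or None for unrelated lines."""
    m = ALERT.search(line)
    if not m:
        return None
    rec = {"simulation": bool(m["sim"]), "ip": m["ip"], "file": m["file"], "kind": "other"}
    if (f := FORBIDDEN.search(m["msg"])):
        rec.update(kind="forbidden-variable", variable=f["var"], source=f["src"])
    elif (i := INCLUDE.search(m["msg"])):
        rec.update(kind="include-url", scheme=i["scheme"])
    return rec

def triage(text):
    """Count alerts per (source IP, label). The labels are this example's own heuristic."""
    counts = Counter()
    for rec in filter(None, map(parse, text.splitlines())):
        local = rec["ip"] in ("127.0.0.1", "::1")
        if rec["kind"] == "forbidden-variable" and not local:
            label = "remote-superglobal-probe"
        elif rec["kind"] == "include-url" and local:
            label = "local-include:" + rec["scheme"]
        else:
            label = "review"
        counts[(rec["ip"], label)] += 1
    return counts

if __name__ == "__main__":
    for key, n in sorted(triage(SAMPLE_LOG).items()):
        print(n, *key)
```
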
