Author Topic: Wordpress not saving changes - php max_input_vars issue?  (Read 4791 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Wordpress not saving changes - php max_input_vars issue?
« on: April 05, 2020, 09:42:35 PM »
hello, i'm having issues with a hosted website.
the website was developed locally and then uploaded to the server. It is wordpress based and use a page builder.
Everything is fine but when i try to change something inside a page, in the builder part... it doesn't save the changes.

the theme support says it depends on the server, and the php max_input_vars should be the problem. Actually if the change is small it works, but it doesn't when it's a bigger change. i put the max_input_vars to 25000 but i still get the error.

Any hint on how to fix? thanks

Re: Wordpress not saving changes - php max_input_vars issue?
« Reply #1 on: April 05, 2020, 09:47:12 PM »
I suspect that you'll need to exclude a mod_sec rule (if indeed you have it activated!), though will open a door for parameter abuse.

Offline
*
Re: Wordpress not saving changes - php max_input_vars issue?
« Reply #2 on: April 06, 2020, 01:47:50 PM »
I agree with ejsolutions, it's very likely that mod_sec will cause issues with page builders or even WordPress itself, even though it has a default exclusion list.

Does the page refresh but doesn't save or just loads forever when you hit the save button? Also maybe take a look at apache's error logs to see what the problem is exactly.

Re: Wordpress not saving changes - php max_input_vars issue?
« Reply #3 on: April 06, 2020, 02:24:09 PM »
Mod_sec log will flag the access IP as a violation and display the rule number that triggered it.

Offline
*
Re: Wordpress not saving changes - php max_input_vars issue?
« Reply #4 on: April 06, 2020, 05:56:51 PM »
thanks i disabled it for the time of the changes and then reenabled, it worked fine

thanks ejsolutions

Re: Wordpress not saving changes - php max_input_vars issue?
« Reply #5 on: April 06, 2020, 06:30:26 PM »
thanks i disabled it for the time of the changes and then reenabled, it worked fine
A valid way of doing this, for better protection - if you remember the next time. ;)
It's what I'd do, given the amount of hack attempts against Wordpress - be sure to add Wordfence!
(You can disable a rule for a specific website, so as not to compromise the whole server.)