Secure Contact Form Results in Blank Page

In this website I’m using the Secure and Accessible PHP Contact Form v.2.0 wordpress plugin. After installing and configuring the plugin I tried submitting the form but all I got was a blank page after submitting the form.

I searched google to see if someone was experiencing the same problem but couldn’t find any detailed information, just someone saying that all they got was a HTTP 406 error in their logs. I checked my error logs but didn’t find that error; however, upon inspecting my raw access logs I saw some 406 responses from the server. So the blank page was indeed the 406 response from my server. From the definition of HTTP 406 response I learned that the problem could be that the server didn’t like the values I was passing it.

Now the 406 response could be raised by a couple of things. One of them is mod_security, if this is the source of your problems you could add some lines to your .htaccess to disable mod_security, read this solution on this HTTP 406 post. That being said, the solution didn’t fix my problem so I had to look for another suspect. My next step was to check my php configuration; this is where I found that there was a module installed that was redirecting to 406! The module’s name is suhosin, which is another security measure that is used for php. Now since I’m in a share host I cannot change the configuration of suhosin.

So I contacted my hosting company and asked them if they could change it but they said no. Which I understand, why change the config for just one guy’s code. However they gave me a more detailed log error which pointed out what part of the code was raising the problem. The problem was that some values where too darn long and looked suspicious to suhosin. The solution was to make them shorter.

The form_id, spam trap and send value where the values that where too long for my host’s suhosin configuration. The original code was:

$form_id = ''.$fd.''.$fp.''.$fl.''.$fv.''.$fh.'';
$trap1_value = ''.$fp.''.$fv.''.$fh.''.$fl.''.$fd.'';
$send_value = ''.$fh.''.$fd.''.$fv.''.$fp.''.$fl.'';

The new code:

$form_id = ''.$fd.''.$fp.'';
$trap1_value = ''.$fp.''.$fv.'';
$send_value = ''.$fh.''.$fd.'';

After making this change the form worked, anything larger value would result in a 406 response again. I don’t think this is a widespread issue or I would have found a solution quickly but I guess sh*t happens. If this post helps you or you have a better solution leave a comment.

3 thoughts on “Secure Contact Form Results in Blank Page”

  1. Joe,

    I encountered this issue a couple months ago, and the host increased the limit of the characters. Well, it seems they must have updated their suhosin, since now the forms on my two client sites have stopped working. Just checking, did you find any other solution?

  2. Deborah, I noticed that you said that your host increased the length of characters allowed and it worked? If that was the case and it no longer works again, ask them to do that change again, if not you can try what I did and dig into the form’s code and make shorter the characters of form_id, spam trap and send value.

    If that still doesn’t work, then your problem might be related to something else. If you don’t see any errors in your log ask them to check their logs and they might see the warnings/errors and give them to you.

    good luck!

Comments are closed.