If you notice product variations, tax rates and other large data sets not saving, Suhosin (a security module in PHP) may be preventing the POST data from being saved. This issue can also be caused by servers with version PHP 5.3.9+ and servers running mod_security.
If enabled, Suhosin may need to be configured to increase its data submission limits. Changing Suhsoin settings differ from host to host so it’s usually better to consult with the provider than attempt it yourself, however some hosts allow you to change settings via php.ini, suhosin.ini, or .htaccess. Commonly, the following vars will need changing:
suhosin.post.max_array_index_length = 256 suhosin.post.max_totalname_length = 65535 suhosin.post.max_vars = 1024 suhosin.post.max_name_length = 256 suhosin.request.max_varname_length = 256 suhosin.request.max_array_index_length = 256 suhosin.request.max_totalname_length = 65535 suhosin.request.max_vars = 1024
After saving you will need to restart the server for the changes to take effect. See http://www.hardened-php.net/suhosin/configuration.html for more information on Suhosin settings.
In shared hosting environments it may not be possible to edit php.ini, in which case you may be able to set the suhosin settings via .htaccess:
php_value suhosin.max_array_index_length 256 php_value suhosin.post.max_array_index_length 256 php_value suhosin.post.max_totalname_length 65535 php_value suhosin.post.max_vars 1024 php_value suhosin.post.max_name_length 256 php_value suhosin.request.max_varname_length 256 php_value suhosin.request.max_array_index_length 256 php_value suhosin.request.max_totalname_length 65535 php_value suhosin.request.max_vars 1024
It is still recommended however to consult your hosting providers documentation, or raise a ticket with them for assistance.
If you use non-latin characters, you may want to increase the following value from the default 64. This will help with issues with non-latin characters.
suhosin.request.max_varname_length = 256
PHP 5.3.9+ and max_input_vars
Newer versions of PHP implement a php.ini directive called max_input_vars usually set to 1000. This means that posting > 1000 form fields for instance would be truncated preventing data from being saved.
This can be changed in php.ini:
max_input_vars = 2000
If you need to do this via htaccess (on a shared host for instance) you may use:
php_value max_input_vars 2000
Mod_security can also prevent data saving; you may experience error 503’s if this is the case. As with the above issues, you may want to contact your host to help resolve this. Workarounds include:
- Configuring mod_security to allow the data through (advanced)
- Disabling mod security by IP
- (Dreamhost only) Turn the “Extra web security” setting off in the control panel.
WP Max Submit Protect
To verify that you are really experiencing the issue describe in this document, you can temporarily install and activate this free plugin: WP Max Submit Protect.
If your site is hosted on WPEngine, you can also solve this issue by disabling object caching directly from your WordPress administration:
This settings can be changed from the main WPEngine menu: