Forbidden Error When Submitting Simple PHP Form

Given that you're able to post, and that your post-handling is apparently extremely simple and so unlikely to be throwing 403 errors or redirecting to forbidden directories, I'm going to hazard a guess that you're running an apache-level firewall. Have a look at your apache config files, and check to see if you're running mod_security or any other firewall module loaded. There are a number of ways mod_security can be configured, including scanning POST data for html content and reacting accordingly. If it is configured to prevent html injection, this may be your issue (see configuration details here: http://www.modsecurity.org/projects/modsecurity/apache/feature_content_injection.html).

To test this, try adding an htaccess file into your web root (assuming you're allowed to override apache settings with htaccess) and setting:

SecFilterEngine Off

Restart apache and then see if it's still happening.

If this is a shared host, or you otherwise don't have the ability to modify apache settings, you can try a workaround using javascript that base64 encodes all the data before submitting (onsubmit), and then base64_decode($_POST[key]) in the php script that processes it.


<IfModule mod_security.c>
  SecFilterEngine Off
  SecFilterScanPOST Off
</IfModule>

Use This Code I Think This Solved Your Problem


Just had the same sort of issue on submit showed 403 error but for me it was simple because the form was too big triggering a rule on mod_security.

Also worth increasing php.ini post_max_size and test size using: $_SERVER['CONTENT_LENGTH']