Contact form give 403 Forbidden Access on Submit
I have the following html and php codes for my contact form. At first when website was uploaded live it worked. After a few days I noticed the contact form was giving 403 forbidden error on submit. I've changed the file permission to 755 and it worked for a short time and then went back to 403 forbidden. Not sure if something wrong with my php or html. Please help.
HTML Code:
<form action="email.php" method="post">
<div class="col-md-12">
<div class="row">
<div class="col-md-6">
<div class="form-group">
<input type="text" class="form-control" name="first-name" placeholder="First Name">
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<input type="text" class="form-control" name="last-name" placeholder="Last Name">
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<input type="text" class="form-control" name="email" placeholder="Email">
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<input type="number" class="form-control" name="phone" placeholder="Phone">
</div>
</div>
<div class="col-md-12">
<div class="form-group">
<textarea name="message" class="form-control" id="" cols="30" rows="7" placeholder="Message"></textarea>
</div>
</div>
<div class="col-md-12">
<div class="form-group">
<input type="submit" value="Send Message" class="btn btn-primary">
</div>
</div>
</div>
</div>
</form>
PHP Code:
<?php
$firstname = $_POST['first-name'];
$lastname = $_POST['last-name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$message = $_POST['message'];
$formcontent="From: $firstname $lastname n Email: $email n Phone: $phone
n Message: $message";
$recipient = "main@yaxcheadventuretours.com";
$subject = "Contact Form from $firstname $lastname";
$mailheader = "From: $firstname $lastname $email rn";
mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
echo'
<script>
window.onload = function() {
alert("Thank You for reaching out to us!");
location.href = "contact.html";
}
</script>
';
?>
php
add a comment |
I have the following html and php codes for my contact form. At first when website was uploaded live it worked. After a few days I noticed the contact form was giving 403 forbidden error on submit. I've changed the file permission to 755 and it worked for a short time and then went back to 403 forbidden. Not sure if something wrong with my php or html. Please help.
HTML Code:
<form action="email.php" method="post">
<div class="col-md-12">
<div class="row">
<div class="col-md-6">
<div class="form-group">
<input type="text" class="form-control" name="first-name" placeholder="First Name">
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<input type="text" class="form-control" name="last-name" placeholder="Last Name">
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<input type="text" class="form-control" name="email" placeholder="Email">
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<input type="number" class="form-control" name="phone" placeholder="Phone">
</div>
</div>
<div class="col-md-12">
<div class="form-group">
<textarea name="message" class="form-control" id="" cols="30" rows="7" placeholder="Message"></textarea>
</div>
</div>
<div class="col-md-12">
<div class="form-group">
<input type="submit" value="Send Message" class="btn btn-primary">
</div>
</div>
</div>
</div>
</form>
PHP Code:
<?php
$firstname = $_POST['first-name'];
$lastname = $_POST['last-name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$message = $_POST['message'];
$formcontent="From: $firstname $lastname n Email: $email n Phone: $phone
n Message: $message";
$recipient = "main@yaxcheadventuretours.com";
$subject = "Contact Form from $firstname $lastname";
$mailheader = "From: $firstname $lastname $email rn";
mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
echo'
<script>
window.onload = function() {
alert("Thank You for reaching out to us!");
location.href = "contact.html";
}
</script>
';
?>
php
add a comment |
I have the following html and php codes for my contact form. At first when website was uploaded live it worked. After a few days I noticed the contact form was giving 403 forbidden error on submit. I've changed the file permission to 755 and it worked for a short time and then went back to 403 forbidden. Not sure if something wrong with my php or html. Please help.
HTML Code:
<form action="email.php" method="post">
<div class="col-md-12">
<div class="row">
<div class="col-md-6">
<div class="form-group">
<input type="text" class="form-control" name="first-name" placeholder="First Name">
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<input type="text" class="form-control" name="last-name" placeholder="Last Name">
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<input type="text" class="form-control" name="email" placeholder="Email">
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<input type="number" class="form-control" name="phone" placeholder="Phone">
</div>
</div>
<div class="col-md-12">
<div class="form-group">
<textarea name="message" class="form-control" id="" cols="30" rows="7" placeholder="Message"></textarea>
</div>
</div>
<div class="col-md-12">
<div class="form-group">
<input type="submit" value="Send Message" class="btn btn-primary">
</div>
</div>
</div>
</div>
</form>
PHP Code:
<?php
$firstname = $_POST['first-name'];
$lastname = $_POST['last-name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$message = $_POST['message'];
$formcontent="From: $firstname $lastname n Email: $email n Phone: $phone
n Message: $message";
$recipient = "main@yaxcheadventuretours.com";
$subject = "Contact Form from $firstname $lastname";
$mailheader = "From: $firstname $lastname $email rn";
mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
echo'
<script>
window.onload = function() {
alert("Thank You for reaching out to us!");
location.href = "contact.html";
}
</script>
';
?>
php
I have the following html and php codes for my contact form. At first when website was uploaded live it worked. After a few days I noticed the contact form was giving 403 forbidden error on submit. I've changed the file permission to 755 and it worked for a short time and then went back to 403 forbidden. Not sure if something wrong with my php or html. Please help.
HTML Code:
<form action="email.php" method="post">
<div class="col-md-12">
<div class="row">
<div class="col-md-6">
<div class="form-group">
<input type="text" class="form-control" name="first-name" placeholder="First Name">
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<input type="text" class="form-control" name="last-name" placeholder="Last Name">
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<input type="text" class="form-control" name="email" placeholder="Email">
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<input type="number" class="form-control" name="phone" placeholder="Phone">
</div>
</div>
<div class="col-md-12">
<div class="form-group">
<textarea name="message" class="form-control" id="" cols="30" rows="7" placeholder="Message"></textarea>
</div>
</div>
<div class="col-md-12">
<div class="form-group">
<input type="submit" value="Send Message" class="btn btn-primary">
</div>
</div>
</div>
</div>
</form>
PHP Code:
<?php
$firstname = $_POST['first-name'];
$lastname = $_POST['last-name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$message = $_POST['message'];
$formcontent="From: $firstname $lastname n Email: $email n Phone: $phone
n Message: $message";
$recipient = "main@yaxcheadventuretours.com";
$subject = "Contact Form from $firstname $lastname";
$mailheader = "From: $firstname $lastname $email rn";
mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
echo'
<script>
window.onload = function() {
alert("Thank You for reaching out to us!");
location.href = "contact.html";
}
</script>
';
?>
php
php
asked Nov 23 '18 at 18:16
BuSol ConsultingBuSol Consulting
32
32
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
10.4.4 403 Forbidden
The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. If the server does not wish to make this information available to the client, the status code 404 (Not Found) can be used instead.
The disclaimer seems to contain several HTML tags and they apparently get printed unescaped on the page.
My wild guess is that there's a piece of software installed on the server (possibly mod_security) that rejects the input because it considers it's an attempt to perform a XSS attack. You can confirm (or reject) this hypothesis by temporarily removing the < and > symbols before pasting it into the textarea.
add a comment |
Try to look into server error log which will help you and you can get the detailed information from there
Also, you are redirecting to contact.html page
location.href = "contact.html";
Check if the .htaccess has any restriction to .html file
If you are not seeing this file then you can change setting to view hidden files.
The .htaccess file is empty. The server error says the following:
– BuSol Consulting
Nov 23 '18 at 20:01
PHP Notice: Undefined index: first-name in /home/yaxche/public_html/email.php on line 2 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: last-name in /home/yaxche/public_html/email.php on line 3 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: email in /home/yaxche/public_html/email.php on line 4 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: phone in /home/yaxche/public_html/email.php on line 5 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: message in /home/yaxche/public_html/email.php on line 6
– BuSol Consulting
Nov 23 '18 at 20:04
OK so these errors are not related to it. Are you using any framework ?
– Akhilesh
Nov 24 '18 at 2:25
Just sass and bootsrap
– BuSol Consulting
Nov 24 '18 at 4:01
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53451361%2fcontact-form-give-403-forbidden-access-on-submit%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
10.4.4 403 Forbidden
The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. If the server does not wish to make this information available to the client, the status code 404 (Not Found) can be used instead.
The disclaimer seems to contain several HTML tags and they apparently get printed unescaped on the page.
My wild guess is that there's a piece of software installed on the server (possibly mod_security) that rejects the input because it considers it's an attempt to perform a XSS attack. You can confirm (or reject) this hypothesis by temporarily removing the < and > symbols before pasting it into the textarea.
add a comment |
10.4.4 403 Forbidden
The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. If the server does not wish to make this information available to the client, the status code 404 (Not Found) can be used instead.
The disclaimer seems to contain several HTML tags and they apparently get printed unescaped on the page.
My wild guess is that there's a piece of software installed on the server (possibly mod_security) that rejects the input because it considers it's an attempt to perform a XSS attack. You can confirm (or reject) this hypothesis by temporarily removing the < and > symbols before pasting it into the textarea.
add a comment |
10.4.4 403 Forbidden
The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. If the server does not wish to make this information available to the client, the status code 404 (Not Found) can be used instead.
The disclaimer seems to contain several HTML tags and they apparently get printed unescaped on the page.
My wild guess is that there's a piece of software installed on the server (possibly mod_security) that rejects the input because it considers it's an attempt to perform a XSS attack. You can confirm (or reject) this hypothesis by temporarily removing the < and > symbols before pasting it into the textarea.
10.4.4 403 Forbidden
The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. If the server does not wish to make this information available to the client, the status code 404 (Not Found) can be used instead.
The disclaimer seems to contain several HTML tags and they apparently get printed unescaped on the page.
My wild guess is that there's a piece of software installed on the server (possibly mod_security) that rejects the input because it considers it's an attempt to perform a XSS attack. You can confirm (or reject) this hypothesis by temporarily removing the < and > symbols before pasting it into the textarea.
answered Nov 23 '18 at 18:23
GusGus
847
847
add a comment |
add a comment |
Try to look into server error log which will help you and you can get the detailed information from there
Also, you are redirecting to contact.html page
location.href = "contact.html";
Check if the .htaccess has any restriction to .html file
If you are not seeing this file then you can change setting to view hidden files.
The .htaccess file is empty. The server error says the following:
– BuSol Consulting
Nov 23 '18 at 20:01
PHP Notice: Undefined index: first-name in /home/yaxche/public_html/email.php on line 2 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: last-name in /home/yaxche/public_html/email.php on line 3 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: email in /home/yaxche/public_html/email.php on line 4 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: phone in /home/yaxche/public_html/email.php on line 5 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: message in /home/yaxche/public_html/email.php on line 6
– BuSol Consulting
Nov 23 '18 at 20:04
OK so these errors are not related to it. Are you using any framework ?
– Akhilesh
Nov 24 '18 at 2:25
Just sass and bootsrap
– BuSol Consulting
Nov 24 '18 at 4:01
add a comment |
Try to look into server error log which will help you and you can get the detailed information from there
Also, you are redirecting to contact.html page
location.href = "contact.html";
Check if the .htaccess has any restriction to .html file
If you are not seeing this file then you can change setting to view hidden files.
The .htaccess file is empty. The server error says the following:
– BuSol Consulting
Nov 23 '18 at 20:01
PHP Notice: Undefined index: first-name in /home/yaxche/public_html/email.php on line 2 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: last-name in /home/yaxche/public_html/email.php on line 3 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: email in /home/yaxche/public_html/email.php on line 4 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: phone in /home/yaxche/public_html/email.php on line 5 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: message in /home/yaxche/public_html/email.php on line 6
– BuSol Consulting
Nov 23 '18 at 20:04
OK so these errors are not related to it. Are you using any framework ?
– Akhilesh
Nov 24 '18 at 2:25
Just sass and bootsrap
– BuSol Consulting
Nov 24 '18 at 4:01
add a comment |
Try to look into server error log which will help you and you can get the detailed information from there
Also, you are redirecting to contact.html page
location.href = "contact.html";
Check if the .htaccess has any restriction to .html file
If you are not seeing this file then you can change setting to view hidden files.
Try to look into server error log which will help you and you can get the detailed information from there
Also, you are redirecting to contact.html page
location.href = "contact.html";
Check if the .htaccess has any restriction to .html file
If you are not seeing this file then you can change setting to view hidden files.
edited Nov 23 '18 at 19:00
Zoe
11.3k74078
11.3k74078
answered Nov 23 '18 at 18:30
AkhileshAkhilesh
626
626
The .htaccess file is empty. The server error says the following:
– BuSol Consulting
Nov 23 '18 at 20:01
PHP Notice: Undefined index: first-name in /home/yaxche/public_html/email.php on line 2 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: last-name in /home/yaxche/public_html/email.php on line 3 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: email in /home/yaxche/public_html/email.php on line 4 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: phone in /home/yaxche/public_html/email.php on line 5 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: message in /home/yaxche/public_html/email.php on line 6
– BuSol Consulting
Nov 23 '18 at 20:04
OK so these errors are not related to it. Are you using any framework ?
– Akhilesh
Nov 24 '18 at 2:25
Just sass and bootsrap
– BuSol Consulting
Nov 24 '18 at 4:01
add a comment |
The .htaccess file is empty. The server error says the following:
– BuSol Consulting
Nov 23 '18 at 20:01
PHP Notice: Undefined index: first-name in /home/yaxche/public_html/email.php on line 2 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: last-name in /home/yaxche/public_html/email.php on line 3 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: email in /home/yaxche/public_html/email.php on line 4 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: phone in /home/yaxche/public_html/email.php on line 5 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: message in /home/yaxche/public_html/email.php on line 6
– BuSol Consulting
Nov 23 '18 at 20:04
OK so these errors are not related to it. Are you using any framework ?
– Akhilesh
Nov 24 '18 at 2:25
Just sass and bootsrap
– BuSol Consulting
Nov 24 '18 at 4:01
The .htaccess file is empty. The server error says the following:
– BuSol Consulting
Nov 23 '18 at 20:01
The .htaccess file is empty. The server error says the following:
– BuSol Consulting
Nov 23 '18 at 20:01
PHP Notice: Undefined index: first-name in /home/yaxche/public_html/email.php on line 2 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: last-name in /home/yaxche/public_html/email.php on line 3 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: email in /home/yaxche/public_html/email.php on line 4 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: phone in /home/yaxche/public_html/email.php on line 5 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: message in /home/yaxche/public_html/email.php on line 6
– BuSol Consulting
Nov 23 '18 at 20:04
PHP Notice: Undefined index: first-name in /home/yaxche/public_html/email.php on line 2 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: last-name in /home/yaxche/public_html/email.php on line 3 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: email in /home/yaxche/public_html/email.php on line 4 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: phone in /home/yaxche/public_html/email.php on line 5 [21-Nov-2018 23:30:49 UTC] PHP Notice: Undefined index: message in /home/yaxche/public_html/email.php on line 6
– BuSol Consulting
Nov 23 '18 at 20:04
OK so these errors are not related to it. Are you using any framework ?
– Akhilesh
Nov 24 '18 at 2:25
OK so these errors are not related to it. Are you using any framework ?
– Akhilesh
Nov 24 '18 at 2:25
Just sass and bootsrap
– BuSol Consulting
Nov 24 '18 at 4:01
Just sass and bootsrap
– BuSol Consulting
Nov 24 '18 at 4:01
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53451361%2fcontact-form-give-403-forbidden-access-on-submit%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown