Unable To Save Products With Large Amount of Variations


When saving a large number variations onto a product or category, all variations do not save.

Known Cause

There have been reports of problems with saving products with a large amount of price variation options when the Suhosin security extension for PHP is installed or when using a version 5.3.9 (or later) of PHP.



If the Suhosin security extension is enabled, you will need to add or change the configuration parameters for how Suhosin’s data submission limits. These configuration settings can exist in any of three different files: php.ini,php.d/suhosin.ini, or .htaccess. The ini file parameters would look like:

suhosin.post.max_array_index_length = 256
suhosin.post.max_totalname_length = 65535
suhosin.post.max_vars = 1024
suhosin.request.max_array_index_length = 256
suhosin.request.max_totalname_length = 65535
suhosin.request.max_vars = 1024

You will need to restart your web server process for the changes to take effect. You should have no other issues saving complex product variations

Shared Hosting Environments
If you are on a shared hosting plan, you will likely not have access to edit the php.ini or suhosin.ini files. In that case, if your hosting provider has the server properly configured, you will be able to add the configuration changes to your website’s .htaccess file and add the following:

php_value suhosin.max_array_index_length 256
php_value suhosin.post.max_array_index_length 256
php_value suhosin.post.max_totalname_length 65535
php_value suhosin.post.max_vars 1024
php_value suhosin.request.max_array_index_length 256
php_value suhosin.request.max_totalname_length 65535
php_value suhosin.request.max_vars 1024

PHP 5.3.9+

A new security setting was added to PHP as of version 5.3.9 that sets the maximum allowed input variables. In most PHP installations, the default is set to 1000. When saving a product with more than 40 variants truncation of the input variables can occur resulting in only the first 40 or so rows of priceline variants to save.

To address this, it is necessary to adjust the max_input_vars setting (typicially in php.ini) to a value of 2000 or greater.

; How many GET/POST/COOKIE input variables may be accepted
max_input_vars = 2000

Alternatively, some servers may allow setting this value per directory using .htaccess:

php_value max_input_vars 2000

See Also

Unable To Save Products With Large Amount of Variations
  • 0.00 / 5 5
  1. A similar issue can occur when mod_security is enabled – this of course depends partly upon how mod_security has been configured.

    Note however that the symptoms may be slightly different from those experienced as a result of issues with Suhosin, for example a 503 error may be apparent in the case of mod_security issues.


    • It may be possible to disable mod_security per IP address by modifying the .htaccess file. See this link for details.
    • If the website is hosted by Dreamhost then it is worthwhile looking for the Extra Web Security option within the control panel and ensuring that it is set to “Off”.
    January 25th   #

You must be logged in to post a comment.

© Ingenesis Limited. Shopp™ is a registered trademark of Ingenesis Limited.