Frequently Asked Questions

A list of common issues and questions along with appropriate resolution steps. If you don't find an answer to your question here, please open a ticket with us.


General Issues

SupportPal periodically results in a redirect loop which stops after clearing cookies.

Possible Cause mod_security is running on your server and falsely detecting the AES encrypted SupportPal session cookie as a threat

The rules used in mod_security are very generic in nature, this can subsequently lead to false positives. In versions prior to RC1 of CRS 3.0, the redirect is default behaviour when a rule has been violated. From CRS 3.0 RC1 onwards the default behaviour was changed to a 403 Forbidden status specifically because it was causing redirect loops. The mod_security team are also aware of cookies causing false positives and are looking for a a fix.

We recommend that you upgrade to the latest version of CRS 3.0 and if you're still experiencing issues implement exceptions. For example, the below exception will bypass a given rule if a cookie named "supportpal" is present:

SecRuleUpdateTargetById <rule_number> !REQUEST_COOKIES:supportpal

Please replace <rule_number> with the number that is triggering a false positive.

All of my pages are generating 404 error pages.

Possible Cause URL redirection is most likely not working.

All installations ship with a .htaccess file to facilitate "pretty URLs". Please ensure that you are using redirect rules appropriate for your web server.

If you're using Apache web server and your .htaccess file is not working please ensure:

  1. mod_rewrite is enabled
  2. "AllowOverride" is not blocking .htaccess usage

I keep getting a blank page. How do I fix it?

Possible Cause A blank page typically means that your server does not meet the System Requirements.

Firstly, please ensure that your server meets all of the system requirements - in particular file permissions.

If the error persists, please consult the error log in storage/logs/. If you're unable to find the error message here, for example the file is empty, the error may have been written to your web server's error log typically /var/log on Unix.

Alternatively, you may also consider enabling debug mode in config/production/app.php:

'debug' => true,

What does "Whoops! Something went wrong." mean?

Possible Cause The message signifies that an unexpected error has occurred, it only appears while the application is running in production. It is used to prevent complex unexpected errors from being displayed to the user.
Resolution Please consult storage/logs/ for the actual error message.

Installation Issues

The installer is unavailable with 502 Bad Gateway: upstream sent too big header while reading response header

  • SupportPal is unavailable:
    502 Bad Gateway
  • In the log files /var/log/nginx/error.log or /var/www/vhosts/ the following error message can be found:
                            [error] 6890#0: *15355 upstream sent too big header while reading response header from upstream,
                                client:, server:,
                                request: "POST /en/install/step4 HTTP/2.0",
                                upstream: "",
                                host: "",
                                referrer: ""
Cause A request cannot be processed by the proxy server because of insufficient buffer size.
  1. Increase 'buffers" and 'buffer_size' in /etc/nginx/nginx.conf under http { section. For example:
    proxy_buffers 8 16k;
    proxy_buffer_size 32k;
    fastcgi_buffers 8 16k;
    fastcgi_buffer_size 32k;
  2. Restart nginx service

How do I remove 'disabled_functions'?

Environment Description
cPanel (WHM access) If you manage your own cPanel installation and have WHM access:
  1. Go to WHM -> PHP Configuration Editor -> Advanced Mode
  2. In Advanced Mode, find 'disable_functions' and simply remove escapeshellarg
  3. Save
cPanel (Shared Hosting) Please ask your web hosting provider to remove the functions.

A blank page is displayed when loading SupportPal

Possible Cause Ioncube Loaders aren't working
Resolution Please ensure you have IonCube loaders installed and functioning on your server.

500 Error - Internal Server Page shows

Possible Cause Resolution
There's a problem with your htaccess file. Try renaming your .htaccess to htaccess (remove the dot), then browse to the root of your installation directory. For example:
Incorrect file permissions. Please ensure you have the correct permissions on all files (typically 644) and folders (typically 755). Also ensure that the /bootstrap/cache, /config and /storage folders (and recursive directories below) are writeable by the web server.
Ioncube Loader v4.7.5 There are known issues with Ioncube Loader v4.7.5 (shipped with cPanel). Please upgrade to the latest Ioncube Loader version and restart your web server.

I'm using windows and IIS web server. How do I fix the requirements page saying directories are not writable?

Possible Cause The web server does not have appropriate permissions to write to the directories.
Resolution Ensure each of the below users have full permission to each of the directories specified in the system requirements:
  • IUSR
  • IIS_IUSRS(<servername>\IIS_IUSRS)

Login/Logout Issues

I keep getting logged out and shown the "Taking a break" page.

Possible Cause Resolution
Your php.ini file is syntactically invalid. Please ensure the post_max_size and upload_max_filesize items contain valid values.
'Remember me' By default, sessions last for 1 hour. We recommend to check the 'Remember me' box when logging in to prevent your session from being cut short.
If you don't force all connections to use the same domain e.g. then you will get separate session cookies for and so logging into one will log you out of the other Set your SupportPal installation domain in /config/production/session.php:


return [
    'driver' => 'file',
    'domain' => null,
If you're running SupportPal from a subdirectory, the cookie may be clashing with other software running on the same domain. Set the subdirectory in config/production/session.php:


return [
    'driver' => 'file',
    'path'   => '/',
The 'file' session driver is sometimes unreliable. For better performance and reliability, we recommend switching to the Redis session driver, see Changing File Storage Path

Email Issues

Email links are incorrect or embedded images do not load

Possible Cause Brand URL is incorrect
Resolution Go to Settings -> General -> Brands, click on the relevant brand and update the System URL.

File Uploads

How to debug file upload problems

Possible Cause Your php.ini is misconfigured, or php does not have read / write permissions to the temporary uploads directory.
Resolution Login to operator and browse to Utilities > PHP Information, then check the below settings:
  1. Ensure file_uploads is set to 1
  2. Ensure upload_max_filesize is larger than the file you're trying to upload
  3. Ensure post_max_size is larger than or equal to upload_max_filesize (above)
  4. Ensure memory_limit is larger than upload_max_filesize, it should be several times larger
  5. Ensure upload_tmp_dir is read writable by the PHP / web server process. If the setting value is empty, it defaults to the system default which is usually /tmp on Linux and C:\Windows\Temp on Windows.

    If you're using Windows and IIS, please ensure each of the below users have full permission to the upload_tmp_dir directory:
    1. IUSR
    2. IIS_IUSRS(<servername>\IIS_IUSRS)
  6. If upload_tmp_dir is null, the open_basedir setting must include the system default directory

Failed to import email that contains large attachments or embedded images

Possible Cause Your configured PHP or MySQL resource allocation is too small.
Resolution PHP
  1. Ensure upload_max_filesize is larger than the file
  2. Ensure memory_limit is larger than upload_max_filesize, it should be several times larger
  1. Ensure max_allowed_packet is larger than the raw contents of the email

Changing Functionality

iFrames are being removed. How do I fix this?

Cause This is a security feature to prevent cross-site scripting (XSS) attacks.
Resolution By default we whitelist a number of domains that are permitted to use iframe. Follow the below steps to add your domain to the whitelist:
  1. Create or edit the following file: config/production/purifier.php
  2. Add your domain to the value of URI.SafeIframeRegexp - replace your-domain-here below (do not include http://)
    return array(
        "settings" => array(
            "default" => array(
                "URI.SafeIframeRegexp" => "%^(http://|https://|//)(||your-domain-here)%",