Title: Fatal Error QR CODE
Last modified: May 26, 2026

---

# Fatal Error QR CODE

 *  [espressivo](https://wordpress.org/support/users/espressivo/)
 * (@espressivo)
 * [1 week, 4 days ago](https://wordpress.org/support/topic/fatal-error-qr-code/)
 * [25-May-2026 17:54:46 UTC] PHP Fatal error: code length overflow. (2276>152) 
   in /home/nginx/domains/[site]/public/wp-content/plugins/better-wp-security/core/
   modules/two-factor/includes/qr-code.php on line 364
 * ??

Viewing 1 replies (of 1 total)

 *  Plugin Support [Pawel [SolidWP Support]](https://wordpress.org/support/users/solidwppawel/)
 * (@solidwppawel)
 * [1 week, 4 days ago](https://wordpress.org/support/topic/fatal-error-qr-code/#post-18919574)
 * Hi,
 * Thanks for the report. This is a confirmed bug in the QR code generator that 
   the two-factor module renders on the user profile screen, and there is a quick
   way to get back in.
 * What is happening: the otpauth payload encoded into the QR includes your site
   name twice (once as the account label and once as the issuer). The QR encoder
   bundled in the recent release has a sizing limit; when the site name is long 
   or contains non-ASCII characters (each one expands to several bytes once URL-
   encoded), the data goes past that limit and the encoder halts the whole page 
   with the “code length overflow” fatal you saw. The encoder is meant to fall back
   to our remote QR service when local generation fails, but this particular error
   type stops the page before that fallback can run.
 * The quickest fix (no code, fully reversible):
 * Temporarily shorten your Site Title to a short plain-ASCII value, then reload
   the user screen.
    1. Go to Settings > General in wp-admin.
    2. Set Site Title to something short using only standard A-Z letters (for example,“
       Site”).
    3. Save, then open the user profile again. It will load normally.
 * You can switch the title back afterward. If the longer title brings the error
   back, use the persistent option below so you can keep your original title.
 * Persistent fix that keeps your current Site Title (optional, one small file):
 * Create a file named `solid-security-2fa-qr-fix.php` inside `wp-content/mu-plugins/`(
   create the `mu-plugins` folder if it does not exist) with this content:
 *     ```wp-block-code
       <?php
       /**
        * Plugin Name: Kadence Security 2FA QR Overflow Hotfix
        * Description: Converts the uncatchable "code length overflow" E_USER_ERROR in the bundled QR encoder into an ErrorException so the plugin's own try/catch falls back to remote QR generation.
        * Version: 1.0.0
        */
   
       add_action( 'plugins_loaded', function () {
   
           $previous = set_error_handler( function ( $severity, $message, $file, $line ) use ( &$previous ) {
   
               $is_overflow = ( $severity === E_USER_ERROR )
                   && ( strpos( $message, 'code length overflow' ) === 0 )
                   && ( strpos( $file, 'two-factor/includes/qr-code.php' ) !== false
                       || strpos( $file, 'two-factor\\includes\\qr-code.php' ) !== false );
   
               if ( $is_overflow ) {
                   throw new ErrorException( $message, 0, $severity, $file, $line );
               }
   
               if ( is_callable( $previous ) ) {
                   return call_user_func( $previous, $severity, $message, $file, $line );
               }
   
               return false;
           } );
   
       }, 0 );
       ```
   
 * This converts that one specific error into a normal exception, which the plugin
   already knows how to handle, so it quietly switches to remote QR generation and
   the page loads as expected. It only acts on that exact error and passes everything
   else through untouched. To remove it later, just delete the file. It is a good
   idea to take a quick backup before adding a must-use plugin file, just in case.
 * Kind regards,
 * Pawel P.

Viewing 1 replies (of 1 total)

You must be [logged in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Ffatal-error-qr-code%2F%3Foutput_format%3Dmd&locale=en_US)
to reply to this topic.

 * ![](https://ps.w.org/better-wp-security/assets/icon.svg?rev=3529351)
 * [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection](https://wordpress.org/plugins/better-wp-security/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/better-wp-security/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/better-wp-security/)
 * [Active Topics](https://wordpress.org/support/plugin/better-wp-security/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/better-wp-security/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/better-wp-security/reviews/)

 * 1 reply
 * 2 participants
 * Last reply from: [Pawel [SolidWP Support]](https://wordpress.org/support/users/solidwppawel/)
 * Last activity: [1 week, 4 days ago](https://wordpress.org/support/topic/fatal-error-qr-code/#post-18919574)
 * Status: not resolved