then found out the Captcha won't work.. so I should look into that.
I realized some hosts (especially the biggest ones) have started to take 'server security' the easy way (for THEM at least). What they do is to block any 'suspicious' operations (when you run a script it gives you 403 - forbidden error), even very simple operations that should normally work. Then when you are mad what's going on, it turns out they ask you to send you link to the link to the script so that they could manually whitelist it. It's their approach to security.
Maybe this information will save somebody hours of frustrations I had to go through recently.