-
Nginx > upload_max_filesize
The default upload_max_filesize and post_max_size for this setup with php-fpm is 2M. To adjust it, the Nginx config also needs a configuration change, otherwise you’re still stuck with a smaller limit.
PHP config
PHP config file is at /etc/php5/fpm/php.ini but it may be somewhere else for you, depending on the distro and packages used.
Find and edit the post_max_size and upload_max_filesize options to suit, noting that post_max_size should be equal to or greater than upload_max_filesize. In my case, I set them both to 10MB like so:
post_max_size = 10M upload_max_filesize = 10M
You’ll then need to restart/reload the PHP process that’s running. In my case this is php-fpm on Debian so you’d do it like this:
sudo service php5-fpm
Nginx config
By default, Nginx only allows 1MB to be sent as part of the request, so event the PHP default of 2MB is too big (never mind the 10MB I’ve just upped it to) and it will fail to allow this to upload. You’ll see something like this in the Nginx error log:
2014/02/11 13:44:10 [error] 7523#0: *1750090 client intended to send too large body: 2075258 bytes, client: 222.153.57.185, server: www.example.com, request: "POST /admin/files/upload/8458 HTTP/1.1", host: "www.example.com", referrer: "http://www.example.com/admin/files/browse/8458"
Edit the main nginx.conf file (/etc/nginx/nginx.conf on the Debian install) and add this to the http { } section, setting the amount to the same (or greater) than that set in the PHP config:
client_max_body_size 10m;
Now reload Nginx so the new setting takes effect, on a Debian install, like this:
sudo service nginx reload
Note that you don’t have to set it to 10MB as I have in this post; set it to an approriate value for you.
—
Limit File Upload Size in Nginx
Restricting file upload size is useful to prevent some types of denial-of-service (DOS) attacks and many other related issues.
By default, Nginx has a limit of 1MB on file uploads. To set file upload size, you can use the
client_max_body_sizedirective, which is part of Nginx’s ngx_http_core_module module. This directive can be set in the http, server or location context.It sets the maximum allowed size of the client request body, specified in the “Content-Length” request header field. Here’s an example of increasing the limit to 100MB in
/etc/nginx/nginx.conffile.Set in http block which affects all server blocks (virtual hosts).
http { ... client_max_body_size 100M; }Set in server block, which affects a particular site/app.
server { ... client_max_body_size 100M; }Set in location block, which affects a particular directory (uploads) under a site/app.
location /uploads { ... client_max_body_size 100M; }Save the file and restart Nginx web server to apply the recent changes using following command.
# systemctl restart nginx #systemd # service nginx restart #sysvinit
Once you have saved the changes and restarted the HTTP server, if the size in a request exceeds the configured value of 100MB, the 413 (Request Entity Too Large) error is returned to the client.
Note: You should keep in mind that sometimes browsers may not correctly display this error. And setting a valua (size) to 0 disables checking of client request body size.
Reference: ngx_http_core_module documentation