Php ini_set max upload size

PHP protects server performance by limiting file upload sizes, but the default limit is too low for many modern web applications. You’re likely to encounter this issue when a PHP application displays an error message asking you to increase the PHP max upload file size. There are various ways to increase the upload limit, including editing PHP configuration files directly. In this article, we’ll show you how to adjust PHP upload limits in cPanel & WHM quickly.

Table of Contents Show

What Is “upload_max_filesize” in PHP?
How to Change the PHP Max Upload Size in WHM?
What is the maximum upload file size in PHP?
How do I change max upload file size in PHP?
Can we upload file of any size to a PHP application?
How do I increase max upload size?

What Is “upload_max_filesize” in PHP?

The upload_max_filesize directive is a PHP variable set in the system and local php.ini files and user.ini files. These determine the PHP interpreter’s baseline configuration. As you might expect, upload_max_filesize limits the maximum allowable size of an uploaded file. The PHP default is 2 Megabytes, and you will have to increase it if you want to upload larger files via a PHP web application.

You may also have to adjust other directives, including:

post_max_size, which must be larger than upload_max_filesize.
memory_limit, which should be larger than post_max_size.

PHP directive values are expressed in bytes. If you set upload_max_filesize to 1000, the maximum size is 1000 bytes. However, you can also use the shorthand byte values K, M, and G for kilobytes, megabytes, and gigabytes. So, 1000K is 1000 kilobytes and 10G is 10 gigabytes.

In cPanel, you can edit PHP directives for locations and domains controlled by your account with the MultiPHP INI Editor, which you will find under Software in the main page menu.

Open the MultiPHP INI editor and select a location from the dropdown.

Scroll to the entry for upload_max_filesize and edit the associated value. Ensure that the value for post_max_size is larger than upload_max_filesize, and click apply at the bottom of the page.

How to Change the PHP Max Upload Size in WHM?

Whereas cPanel allows you to edit PHP directives in local directories, in WHM you can edit directives in the server’s main php.ini file. This affects all accounts using a particular PHP version.

To increase the PHP upload limit in WHM, open MultiPHP INI Editor from the Software section of the sidebar menu. In the dropdown, select a PHP version. PHP versions have independent configurations, so you must edit the max upload variable for all versions you wish to change.

Scroll to upload_max_filesize and edit the adjacent value before clicking Apply at the bottom of the page. Ensure that post_max_size is at least as large.

To learn more about editing PHP directives and what the customizable directives do, take a look at the MultiPHP INI Editor for WHM documentation.

As always, if you have any feedback or comments, please let us know. We are here to help in the best ways we can. You’ll find us on Discord, the cPanel forums, and Reddit. Be sure to also follow us on Facebook, Instagram, and Twitter.

The MAX_FILE_SIZE item cannot specify a file size greater than the file size that has been set in the upload_max_filesize in the php.ini file. The default is 2 megabytes.

If a memory limit is enabled, a larger memory_limit may be needed. Make sure you set memory_limit large enough.

If max_execution_time is set too small, script execution may be exceeded by the value. Make sure you set max_execution_time large enough.

Note: max_execution_time only affects the execution time of the script itself. Any time spent on activity that happens outside the execution of the script such as system calls using system(), the sleep() function, database queries, time taken by the file upload process, etc. is not included when determining the maximum time that the script has been running.

Warning

max_input_time sets the maximum time, in seconds, the script is allowed to receive input; this includes file uploads. For large or multiple files, or users on slower connections, the default of 60 seconds may be exceeded.

If post_max_size is set too small, large files cannot be uploaded. Make sure you set post_max_size large enough.

The max_file_uploads configuration setting controls the maximum number of files that can uploaded in one request. If more files are uploaded than the limit, then $_FILES will stop processing files once the limit is reached. For example, if max_file_uploads is set to 10, then $_FILES will never contain more than 10 items.

Not validating which file you operate on may mean that users can access sensitive information in other directories.

Due to the large amount of directory listing styles we cannot guarantee that files with exotic names (like containing spaces) are handled properly.

A developer may not mix normal input fields and file upload fields in the same form variable (by using an input name like foo[]).

amalcon _a_t_ eudoramail _d_o_t_ com ¶

18 years ago

Note that, when you want to upload VERY large files (or you want to set the limiters VERY high for test purposes), all of the upload file size limiters are stored in signed 32-bit ints. This means that setting a limit higher than about 2.1 GB will result in PHP seeing a large negative number. I have not found any way around this.

Nirmal Natarajan ¶

12 years ago

If using IIS 7.0 or above, the Request Filtering is enabled by default and the max allowed content length is set to 30 MB.

One must change this value if they want to allow file uploads of more than 30 MB.

Sample web.config entry:

<configuration> </system.webServer> <security> <requestFiltering> <requestLimits maxAllowedContentLength="314572800"/> </requestFiltering> </security> </system.webServer> </configuration>

The above setting will allow 300 MB of data to be sent as a request. Hope this helps someone.

adrien.nizon+phpnet at gmail dot com ¶

6 years ago

[Editor's note: to be more precise, MAX_FILE_SIZE can't exceed PHP_INT_MAX before PHP 7.1.]

Please note that the field MAX_FILE_SIZE cannot exceed 2147483647. Any greater value will lead to an upload error that will be displayed at the end of the upload

This is explained by the related C code : if (!strcasecmp(param, "MAX_FILE_SIZE")) { max_file_size = atol(value); }

The string is converted into a long int, which max value is... 2147483647

Seems to be corrected since php-7.1.0beta3 (https://github.com/php/php-src/commit/cb4c195f0b85ca5d91fee1ebe90105b8bb68356c)

admin at creationfarm dot com ¶

19 years ago

The macintosh OS (not sure about OSx) uses a dual forked file system, unlike the rest of the world ;-). Every macintosh file has a data fork and a resource fork. When a dual forked file hits a single forked file system, something has to go, and it is the resource fork. This was recognized as a problem (bad idea to begin with) and apple started recomending that developers avoid sticking vital file info in the resource fork portion of a file, but some files are still very sensitive to this. The main ones to watch out for are macintosh font files and executables, once the resource fork is gone from a mac font or an executable it is useless. To protect the files they should be stuffed or zipped prior to upload to protect the resource fork.

Most mac ftp clients (like fetch) allow files to be uploaded in Macbinhex, which will also protect the resource fork when transfering files via ftp. I have not seen this equivilent in any mac browser (but I haven't done too much digging either).

FYI, apple does have an old utility called ResEdit that lets you manipulate the resource fork portion of a file.

bohwaz ¶

3 hours ago

Please be advised that setting a large post_max_size or upload_max_filesize for a complete server or a complete virtual host is not a good idea as it may lead to increased security risks.

The risk is that an attacker may send very large POST requests and overloading your server memory and CPU as it has to parse and process those requests before handling them to your PHP script.

So it's best to limit changing this setting to some files or directories. For example if I want to /admin/files/ and /admin/images/ I can use:

<If "%{REQUEST_URI} =~ m!^/admin/(files|images)/! && -n %{HTTP_COOKIE}"> php_value post_max_size 256M php_value upload_max_filesize 256M </If>

I also require the request to have a cookie to avoid basic attacks. This will not protect you against attacks coming from non-authenticated users, but may delay any attack.

This setting can be used in Apache server configuration files, and .htaccess files as well.

dg at artegic dot de ¶

12 years ago

In case of non-deterministic occurence of the UPLOAD_ERR_PARTIAL error: The HTTPD (e.g. Apache) should respond with a 'Accept-Ranges: none' header field.

anders jenbo pc dk ¶

14 years ago

A responce to admin at creationfarm dot com, Mac OS X and Windows running on a NTFS disk also uses a multi stream file system. Still only the data stream in transfared on http upload. It is preferable to pack Mac OS X files in .dmg files rathere then zip but the avarage user will find zip much easir and they are supported on more platforms.

tjaart at siam-data-services dot com ¶

17 years ago

Took me a while to figure this one out...

I think this is actually a header problem, but it only happens when doing a file upload.

If you attept a header("location:http://...) redirect after processing a $_POST[''] from a form doing a file upload (i.e. having enctype="multipart/form-data"), the redirect doesn't work in IE if you don't have a space between location: & http, i.e. header("location:http://...) vs header("location: http://...)

=================================== <?php if ($_POST['submit']=='Upload') { // Process File and the redirect... header("location: http://"..."/somewhere.php"); exit; } ?> <html><head></head><body> <form enctype="multipart/form-data" action="upload.php" method="POST"> <input type="hidden" name="MAX_FILE_SIZE" value="20000"> Your file: <input name="filename" type="file"> <input name="submit" type="submit" value="Upload"> </form> </body></html> ===================================

This only happens if all of the following are true: header("location:http://...) with no space Form being processed has enctype="multipart/form-data" Browser=IE

To fix the problem, simply add the space.

Hope this helps someone else.

morganaj at coleggwent dot ac dot uk ¶

18 years ago

Here is another that may make your upload fall over. If you are using Squid or similar proxy server make sure that this is not limiting the size of the HTTP headers. This took me weeks to figure out!

tomcashman at unitekgroup dot com ¶

19 years ago

For apache, also check the LimitRequestBody directive. If you're running a Red Hat install, this might be set in /etc/httpd/conf.d/php.conf. By default, mine was set to 512 KB.

oliver dot schmidt at drehsinn dot de ¶

15 years ago

If you want to use open_basedir for securing your server (which is highly recommended!!!) remember to add your tmp dir to the open_basedir value in php.ini.

Example: open_basedir = <your htdocs root, etc...>:/tmp

(Tested on gentoo Linux, Apache 2.2, PHP 5.1.6)

sebastian at drozdz dot ch ¶

19 years ago

It's important that the variable 'open_basedir' in php.ini isn't set to a directory that doesn't not includes tempupload directory

What is the maximum upload file size in PHP?

To increaes file upload size in PHP, you need to modify the upload_max_filesize and post_max_size variable's in your php. ini file. In addition, you can also set the maximum number of files allowed to be uploaded simultaneously, in a single request, using the max_file_uploads .

How do I change max upload file size in PHP?

How to Increase File Upload Size in PHP.

Open the php. ini file in the text editor..

Search for upload_max_filesize variable and specify the size which you want to increase. upload_max_filesize = 128M..

Search for post_max_size variable and specify the size which you want to increase. ( ... .

Once done, save the modified php..

Can we upload file of any size to a PHP application?

By default, PHP permits a maximum file upload of 2MB. You can ask users to resize their images before uploading but let's face it: they won't. Fortunately, we can increase the limit when necessary. Two PHP configuration options control the maximum upload size: upload_max_filesize and post_max_size .

How do I increase max upload size?

Modify wp-config. php file. Open the file in any text editor and add the following code. @ini_set( 'upload_max_size' , '20M' ); @ini_set( 'post_max_size', '13M'); @ini_set( 'memory_limit', '15M' ); Save your changes, and it should increase your file upload size.