If you’re seeing this error, it means that your web application is trying to upload a file that’s over the allowed upload limit. This can happen due to restrictions set in your PHP configuration.
Understanding the Error
When a client attempts to upload a file via a POST request, PHP checks the file size against several settings defined in the php.ini
configuration file. If the file exceeds these limits, the server rejects the request and throws an error.
Key PHP INI Settings for Upload Limits
upload_max_filesize
: This directive determines the maximum size of an uploaded file.post_max_size
: This directive sets the maximum size of POST data that PHP will accept. This value should be larger thanupload_max_filesize
to accommodate other form data.memory_limit
: This sets the maximum amount of memory a script is allowed to allocate. If your files are large, you may need to increase this limit as well.
Setting PHP INI Values
Via php.ini
File
You can set these directives in your php.ini
file:
upload_max_filesize = 10M
post_max_size = 20M
memory_limit = 256M
Via .htaccess
File
If you don’t have access to the php.ini
file, you can set these values in your .htaccess
file:
# php 7.x
<IfModule mod_php7.c>
php_value upload_max_filesize 10M
php_value post_max_size 20M
php_value memory_limit 256M
</IfModule>
# php8
<IfModule mod_php.c>
php_value upload_max_filesize 10M
php_value post_max_size 20M
php_value memory_limit 256M
</IfModule>
Impact on WordPress
For WordPress sites, the upload limits can affect file uploads in the media library, plugin uploads, and theme uploads. Adjusting these settings ensures that your users don’t encounter frustrating upload limits when managing content.
Hiding Errors in Production
To prevent these errors from displaying on a production site, which can confuse users and break JSON responses, you can disable error display in your php.ini
file:
display_errors = Off
log_errors = On
error_log = .ht_php_errors.log
we use .ht_php_errors.log with .ht_ prefix so nobody can access the files as the web servers like apache, nginx and others should block the access to it.