Yet another way in which your server might prevent file uploads

So, you’ve created a form for your application which allows file submissions. You’ve checked your php.ini file and made sure that post_max_size, upload_max_filesize and memory_limit have all been set large enough to accommodate your expected filesize.

You’ve got a hidden input field named MAX_FILE_SIZE and correctly set the value in bytes, but your file uploads are still failing. Well here are a couple more server settings to check which may be preventing your form from functioning.

Apache’s LimitRequestBody¬†directive accepts a value in bytes. It *may* be possible to set this in your .htaccess file if your host will allow it.

Your host may also have restrictive settings within Apache’s mod_security config. Among others there is the¬†SecRequestBodyLimit which will prevent http request exceeding a certain size.

It should be noted though, that modifying any of these settings in isolation may increase the attack surface area of your server and application. This is just a pointer to some possible causes of PHP file upload errors.