PHP post_max_size Explained: Configuration, Limits, and Best Practices
Introduction
The post_max_size directive defines the maximum size of the entire HTTP POST request that PHP accepts. Unlike upload_max_filesize, which limits the size of a single uploaded file, post_max_size applies to the complete request, including uploaded files, form fields, cookies, and other POST data.
A properly configured post_max_size ensures that PHP can process large uploads while protecting the server from excessively large requests.
Test Environment
What Is post_max_size?
Example:
post_max_size = 128M
This means PHP accepts POST requests up to 128 MB.
If the request exceeds this limit, PHP discards the POST body before the application can access it.
How post_max_size Works
When a browser submits a form, the POST request contains much more than just the uploaded file.
If the total request size exceeds post_max_size, the request is rejected.
Check the Current Value
Example:
post_max_size => 128M => 128M
Change post_max_size
Open the PHP configuration:
Find:
post_max_size = 8M
Modify it:
post_max_size = 128M
Restart PHP-FPM:
Verify the Configuration
Or use:
Search for:
post_max_size
post_max_size vs upload_max_filesize
This is the most important section.
Many administrators configure:
This configuration does not work.
Although PHP allows a single uploaded file up to 100 MB, the total POST request is limited to 50 MB. As a result, the upload fails before PHP can process it.
A recommended configuration is:
The extra space allows room for multipart form data, additional form fields, and request overhead.
Relationship Between Common Upload Settings
These directives work together during file uploads.
The effective upload limit is determined by the smallest applicable restriction in the request path.
Recommended Values
As a general guideline, post_max_size should be slightly larger than upload_max_filesize to accommodate request overhead.
Common Issues
Upload Still Fails
Possible causes include:
post_max_size is smaller than upload_max_filesize.
PHP-FPM has not been restarted.
The wrong php.ini file was modified.
Nginx client_max_body_size is too small.
Empty $_POST or $_FILES
If the request exceeds post_max_size, PHP discards the POST body. As a result, both $_POST and $_FILES may appear empty, even though the browser submitted data.
Best Practices
Always configure post_max_size to be larger than upload_max_filesize.
Keep upload limits appropriate for your application.
Restart PHP-FPM after changing configuration values.
Verify the settings using phpinfo() or php -i.
Remember to check your web server's upload size limits as well.
Conclusion
The post_max_size directive controls the maximum size of an entire HTTP POST request. It works together with upload_max_filesize, memory_limit, and your web server's configuration to determine whether uploads are accepted.
When troubleshooting upload problems, checking only upload_max_filesize is often not enough. Reviewing the complete upload pipeline helps identify configuration mismatches and prevents common upload failures.
Explore More
› PHP max_file_uploads Explained: Configuration, Limits, and Best Practices
› PHP upload_max_filesize Explained: Configuration, Limits, and Best Practices
› PHP max_input_vars Explained: Configuration, Limits, and Best Practices
› PHP opcache.max_accelerated_files Explained: Configuration, Performance, and Best Practices