How to Limit File Upload Size in Nginx

In our last article, we’ve explained about limiting user file upload size in Apache. In this article, we will explain how to limit user file upload size in Nginx. Restricting file upload size is useful to prevent some types of denial-of-service (DOS) attacks and many other related issues.

By default, Nginx has a limit of 1MB on file uploads. To set file upload size, you can use the client_max_body_size directive, which is part of Nginx’s ngx_http_core_module module. This directive can be set in the http, server or location context.

It sets the maximum allowed size of the client request body, specified in the “Content-Length” request header field. Here’s an example of increasing the limit to 100MB in /etc/nginx/nginx.conf file.

Set in http block which affects all server blocks (virtual hosts).

http {
    client_max_body_size 100M;

Set in server block, which affects a particular site/app.

server {
    client_max_body_size 100M;

Set in location block, which affects a particular directory (uploads) under a site/app.

location /uploads {
    client_max_body_size 100M;

Save the file and restart Nginx web server to apply the recent changes using following command.

# systemctl restart nginx       #systemd
# service nginx restart         #sysvinit

Once you have saved the changes and restarted the HTTP server, if the size in a request exceeds the configured value of 100MB, the 413 (Request Entity Too Large) error is returned to the client.

Note: You should keep in mind that sometimes browsers may not correctly display this error. And setting a valua (size) to 0 disables checking of client request body size.

You might also like to read these following articles related to Nginx web server administration.

  1. How to Change Nginx Port in Linux
  2. How to Hide Nginx Server Version in Linux
  3. ngxtop – Monitor Nginx Log Files in Real Time in Linux
  4. How to Monitor Nginx Performance Using Netdata
  5. How to Enable NGINX Status Page

Reference: ngx_http_core_module documentation

That’s all! In this short article, we have explained how to limit user file upload size in Nginx. You can share your thoughts with us via the comment form below.

Hey TecMint readers,

Exciting news! Every month, our top blog commenters will have the chance to win fantastic rewards, like free Linux eBooks such as RHCE, RHCSA, LFCS, Learn Linux, and Awk, each worth $20!

Learn more about the contest and stand a chance to win by sharing your thoughts below!

Aaron Kili
Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.


Leave a Reply
      • Hi, I finally got the working solution!

        Php File Limit upload in TerraMaster webserver

        Problem by default it was limited to 2 MB;

        None of these settings can’t help:

        upload_max_filesize 10M
        value post_max_size 10M
        php_value memory_limit 32M 

        The Solution Is:

        Create file “.htaccess“ on your root webserver , not at the root but at the root of your webserver ex : “/mnt/md2/HD1/Web”.

        Create these settings inside.

        php_value upload_max_filesize 102M
        php_value post_max_size 102M
        php_value memory_limit 64M

Got Something to Say? Join the Discussion...

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.