3

As I understand, when hosting a webserver with Apache and PGP, the three settings within php.ini that determine the maximum upload size are:

  1. memory_limit
  2. post_max_size
  3. upload_max_filesize

As I have read, memory_limit must be greater than post_max_size and post_max_size must be greater than upload_max_filesize. From there, the lowest, which would be upload_max_filesize would actually be the true limit for upload size, within Apache settings anyways.

So, if the above is true, is it true to state that the true maximum file size that can be uploaded to a webserver through PHP running with Apache is equal to the physical memory on the device hosting? Aside from disk writing limitations, i.e. how NTFS limits file size to 4GB per file?

The reason I am asking this is my post_max_size and upload_max_filesize are set to 4096M but while files slightly less than 1GB upload without a problem files over 1GB do not. So would memory_limit be a contributing factor in something like this?

Improve this question
1
  • FAT limits file size to 4GB per file. With NTFS, the limit is 16 exabytes.
    – grawity_u1686
    Commented Aug 23, 2018 at 17:22

1 Answer 1

Reset to default
5

You ask:

So, if the above is true, is it true to state that the true maximum file size that can be uploaded to a webserver through PHP running with Apache is equal to the physical memory on the device hosting?

Nope. You are correctly interpreting bad advice about memory_limit that would make you think that is the case when the reality is memory_limit has little to nothing to do with file upload size. memory_limit is purely about PHP process memory and has nothing to do with file transferring processes.

Here is why…

The only two items that are of concern when uploading a file using PHP and Apache are:

  • post_max_size: Sets max size of post data allowed. This setting also affects file upload. To upload large files, this value must be larger than upload_max_filesize. Generally speaking, memory_limit should be larger than post_max_size.
  • upload_max_filesize: The maximum size of an uploaded file.

memory_limit has utterly nothing to do with a file transport in such a setup. All memory_limit does is control how much memory each PHP process gets if it is processing something internally. I file transfer has nothing to do with memory_limit.

  • memory_limit: This sets the maximum amount of memory in bytes that a script is allowed to allocate. This helps prevent poorly written scripts for eating up all available memory on a server. Note that to have no memory limit, set this directive to -1.

That said, the PHP manual—as quoted above—says:

Generally speaking, memory_limit should be larger than post_max_size.

This makes no sense and is considered a mistake if you think about it. memory_limit is a constraint of how much data can be handled by a PHP process in RAM. But—as I have said before—a file transfer is a streaming data process and PHP doesn’t store the file contents in RAM for longer than it has to before writing it to the file system.

This Stack Overflow answer states as much. And this other answer explains it more eloquently and succinctly:

Only if you plan on reading an entire file into memory and the file that you read in is larger than the space you have allocated to PHP (i.e. memory_limit), in which case you'll run out of memory.

Improve this answer
1
  • A POST request does not necessarily contain (only) files. post_max_size is not only for file uploads. Hence the memory limit advice.
    – Daniel B
    Commented Oct 30, 2023 at 19:32

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .