Skip to main content

Working in Drupal 9.x, I was loading images via the Media module.  Below 1 mb no issue.  Any thing over - nothing.  Nothing as in no response when loading.

An interesting situation, as I had already changed the php.ini file where the following updates occured:

; Maximum allowed size for uploaded files.
; http://php.net/upload-max-filesize
upload_max_filesize = 2M

Had changed to 

upload_max_filesize = 10M

Also the post max size

; is disabled through enable_post_data_reading.
; http://php.net/post-max-size
post_max_size = 8M

Had also changed to

post_max_size = 10M

What gives!

The way to discover the error is to have open the inspector tool whlist performing the actions of uploading a file.   Whilst doing this action I received the following error

Failed to load resource: the server responded with a status of 413 (Request Entity Too Large) ajax.js:513

I then discovered that of course others had received the same error in Drupal... No warning when uploading media that is larger than limit (HTTP code 413) ... and a few sites pointed out that the issue is related to your Nginx server configuration.

 

Nginx server configuration

Running on Nginx as a front end to php based Ubuntu server.  When the client (administrator) is trying to upload 1MB+ size image file using nginx reverse proxy, they are getting the fore mentioned error on screen.  How do I fix this problem and allow image upload over 1MB in size using Nginx web-server working in reverse proxy or stand-alone mode on Unix like operating systems?

The error “413 – Request Entity Too Large” indicates that web server configured to restrict large file size. Nginx can be set to allow the maximum size of the client request body using client_max_body_size directive. If the size of a request exceeds the configured value, the 413 (Request Entity Too Large) error returned to the client. You will see an error as follows:

To fix this issue edit your nginx.conf.  Open Terminal or login to the remote server using ssh client.  Type the following command to edit your nginx.conf using a text editor such as vi or joe or nano:

# vim /etc/nginx/nginx.conf

Add the following line to http or server or location context to increase the size limit in nginx.conf, enter:

# set client body size to 10M #
client_max_body_size 10M;

The client_max_body_size directive assigns the maximum accepted body size of client request, indicated by the line Content-Length in the header of request. If size is greater the given one, then the client gets the error “Request Entity Too Large” (413).

Save and close the file. Reload the nginx webserver, enter:
# /etc/nginx/sbin/nginx -s reload

For RHEL/CentOS/Debian/Ubuntu Linux, try:
# service nginx reload

If you are using systemd based system run:
$ sudo systemctl reload nginx.service

It always handy to see the location in the nginx.conf file

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
        worker_connections 768;
        # multi_accept on;
}

http {

        ##
        # Basic Settings
        ##

        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        # server_tokens off;

        client_max_body_size 10M;

        # server_names_hash_bucket_size 64;
        # server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ##
        # SSL Settings
        ##

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
        ssl_prefer_server_ciphers on;

        ##
"nginx.conf" [readonly] 87L, 1519C                                                1,1           Top
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
        worker_connections 768;
        # multi_accept on;
}

http {

        ##
        # Basic Settings
        ##

        sendfile on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        # server_tokens off;

        # server_names_hash_bucket_size 64;
        # server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ##
        # SSL Settings
        ##

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
        ssl_prefer_server_ciphers on;

        ##
        # Logging Settings
        ##

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        ##
        # Gzip Settings
        ##

        gzip on;

        # gzip_vary on;
        # gzip_proxied any;
        # gzip_comp_level 6;
        # gzip_buffers 16 8k;
        # gzip_http_version 1.1;
        # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

        ##
        # Virtual Host Configs
        ##

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
}

 

PHP configuration

For more in depth instructions about how to do this go to Drupal - how to increase the maximum file upload size?

Your php installation also put limits on upload file size. Edit php.ini and set the following directives

This sets the maximum amount of memory in bytes that a script is allowed to allocate

memory_limit = 32M

The maximum size of an uploaded file.

upload_max_filesize = 10M

Sets max size of post data allowed. This setting also affects file upload. To upload large files, this value must be larger than upload_max_filesize

post_max_size = 10M

If you are using PHP-FPM, restart it as follows:
$ sudo systemctl restart php-fpm
## OR ##
$ sudo systemctl restart php7.0-fpm.service
## OR ##
$ sudo /usr/local/etc/rc.d/php-fpm restart

Save and close the file. Make sure you reload/restart/reboot back-end apache or nginx web server as per your setup.

Related articles

Andrew Fletcher18 Mar 2024
Resolving CVE-2022-48624 less issue
To resolve the CVE-2022-48624 vulnerability on Ubuntu using Nginx, it's crucial to understand that the issue lies within the "less" package, not Nginx itself. The vulnerability affects "less" before version 606, where close_altfile in filename.c in less omits shell_quote calls for LESSCLOSE,...