Apache is one of the most popular open-source web servers. By default, it allows large files to be uploaded, which can sometimes lead to server resource issues or even vulnerabilities like DoS (Denial of Service) attacks. For security and performance reasons, it's a good practice to set a limit on the maximum allowed file upload size in Apache.

In this article, we will configure Apache to set a limit over file upload and download from your web server, as it is necessary to configure your web server against the incoming client request.

We can set the total size of HTTP requests using the LimitRequestBody directive. This can be defined in your website’s .htaccess or http.conf file.

Steps to Set File Upload Size Limit in Apache

1. Understand the LimitRequestBody Directive

Apache provides the LimitRequestBody directive to control the total size of an HTTP request body. It can be set between:

0 bytes (unlimited) to Up to 2 GB (2147483647 bytes)

You can define this directive inside your .htaccess, <Directory>, <Location>, or Apache configuration file (httpd.conf or apache2.conf).

2. Example Configuration: Limit Uploads in WordPress

If you want to restrict file uploads in a WordPress installation (e.g., to limit the /wp-uploads folder to a maximum of 200 KB), add the following block to your Apache configuration:

<Directory "/var/www/myapplication/wp-uploads">

    LimitRequestBody 200000

</Directory>

Note: 200000 bytes = ~195.3 KB (rounded to ~200 KB)

You can also add this directive inside the .htaccess file if AllowOverride is enabled:

LimitRequestBody 200000

3. Restart Apache to Apply Changes

After making changes, restart or reload the Apache service to apply the new configuration.

For CentOS / RHEL:

# sudo systemctl restart httpd
# sudo systemctl reload httpd

For Ubuntu/Debian:

# sudo systemctl restart apache2
# sudo systemctl reload apache2

Conclusion:

By configuring the LimitRequestBody directive in Apache, you can control the maximum size of uploaded files to protect your web server from large file uploads or DoS attacks. This setting is particularly useful for content management systems like WordPress or custom file upload applications, helping you maintain better control over resource usage.

Get Linux VPS Hosting »
Was this answer helpful? 0 Users Found This Useful (4 Votes)

Most Popular Articles

How To Configure the Apache Web Server on an Ubuntu or Debian VPS

Apache is one of the internet's most favoured web servers, serving over half of all active...
Locations of Common Log Files and Configuration Files for cPanel Services

This article covers the configuration files and the log file locations of the most common cPanel...
Fix: Exim error-exim dead but subsys locked

The error “Exim dead but subsys locked” is a common message on Linux servers that use Exim as the...
How to Sync Time using NTP in the Ubuntu Server?

Linux server users might notice that even after manually setting the correct system time, it...
How to Generate a Certificate Signing Request (CSR) with OpenSSL?

Generating a Certificate Signing Request (CSR) is a critical step when setting up SSL for a web...