sfw/fix
413 medium

413 Request Entity Too Large (nginx client_max_body_size)

The request body exceeded nginx's client_max_body_size, so nginx rejected it before passing the request to the backend.

What you see

413 Request Entity Too Large
nginx/1.24.0

# error.log:
client intended to send too large body: 5242880 bytes

What’s actually happening

An upload or a large form POST fails with a 413 page rendered by nginx itself, not by your app. The backend logs show nothing because the request never reached PHP. nginx's default cap is 1 MB, so anything bigger than a small file trips it. The error.log line reports the exact byte count the client tried to send.

Common causes

  • The upload is larger than client_max_body_size, which defaults to 1m if you never set it.
  • The directive is set in the wrong context. A value in http {} can be overridden, or a value in the wrong server/location block does not apply to the route handling the upload.
  • A long form or a base64-encoded payload in a POST body crosses the limit even without an obvious file attachment.
  • An API endpoint receiving JSON or multipart data over the limit.
  • client_max_body_size was raised but nginx was never reloaded, so the old value is still live.

How to fix it

  1. Raise the directive in the right blockSet client_max_body_size to a real ceiling, for example client_max_body_size 50m;. Put it in the server {} block, or in the specific location {} that handles uploads, so it actually applies to that route.
  2. Test the config and reloadRun nginx -t to validate, then systemctl reload nginx (or nginx -s reload). A reload is required; editing the file alone changes nothing.
  3. Raise the matching PHP limitsnginx is only the first gate. If you are on PHP, set upload_max_filesize and post_max_size in php.ini to at least the same ceiling, then restart php-fpm. Otherwise you clear the 413 and hit a PHP-level rejection instead.
  4. Allow unlimited only where it is safeclient_max_body_size 0; disables the check for a location. Scope it to a trusted upload endpoint only; never apply it server-wide, since it invites memory-exhaustion abuse.
  5. Confirm with the byte count in the logtail the nginx error.log while you reproduce. The 'client intended to send too large body' line gives the exact size, so you can set the ceiling just above the real maximum you need to accept.

Stop it recurring

Set client_max_body_size (and the matching PHP upload limits) as part of the initial server config, sized to the largest file the app legitimately accepts.

Related errors

nginx 502: upstream sent too big header while reading response header

high

PHP-FPM returned response headers larger than nginx's FastCGI buffer, overflowing it and turning the response into a 502.

PHP-FPM "Primary script unknown" (File not found)

high

nginx handed PHP-FPM a SCRIPT_FILENAME path that PHP-FPM cannot find or read, so it returns a blank File not found.

PHP Fatal Error: Allowed Memory Size Exhausted

high

A PHP script asked for more RAM than memory_limit permits, so the engine kills the request mid-execution.

PHP Fatal Error: Maximum Execution Time of 30 Seconds Exceeded

high

A PHP script ran past the max_execution_time cap, so the engine aborted it before it could finish.