client_max_body_size
Limits the maximum size of the client request body.
Description
The client_max_body_size directive in NGINX specifies the maximum allowed size of the client request body, which is important for controlling resource usage and preventing abuse. This directive can be configured in three contexts: http, server, and location, allowing for flexible application depending on the desired scope of the limit.
The parameter for client_max_body_size can be set using various size units, such as 'k' for kilobytes, 'm' for megabytes, or 'g' for gigabytes. For example, specifying client_max_body_size 10m; limits the request body to a maximum of 10 megabytes. If a client attempts to send a request body larger than the specified limit, NGINX will return a 413 Request Entity Too Large error immediately, thus safeguarding the server from excessive load.
It's important to note that setting this directive at different levels can lead to varying behavior depending on the request handling context. For instance, if a location block sets client_max_body_size to a smaller value than the http level, the location level setting takes precedence during request processing. This hierarchical approach allows administrators to implement specific configurations as needed for different application parts.
Config Example
server {
listen 80;
server_name example.com;
client_max_body_size 10m;
location /upload {
proxy_pass http://backend;
}
}Setting client_max_body_size too low can prevent legitimate file uploads, resulting in a poor user experience.
Ensure that any application-level settings are aligned with this directive to avoid confusion and errors.
Remember that this directive does not affect the Content-Length header if specified by the client.