Configuring HTML5/Flash Uploader PHP

Configuring Permissions

The folder where you are going to save files should have modify permissions. Depending on your operating system it can be set in one of the following ways:

• On Windows NT/2000/XP you should grant the modify permission to the Internet guest user (IUSR_<machinename>).
• On Windows 2003 Server you should grant the modify permission to the NETWORK SERVICE group.
• On Windows Vista/2008 Server/7 you should grant the modify permission to the account your site application pool is running under, Network Service by default.
• For *NIX systems you should specify read and write permissions.

Configuring Maximum POST Request Length

Usually, a limitation for maximum POST request length is specified to reduce the risk of DoS attacks. If the request size exceeds a specific value, it is considered malicious and the upload would be broken.

Editing PHP Configuration Files

To increase the limit of the maximum upload size, you should edit your PHP configuration files:

1. Open the php.ini file. You can find it:

   • on Linux in /etc/php.ini
   • on Windows in c:\windows\php.ini

2. Set the required limits:

   post_max_size = 100MB
   upload_max_filesize = 100MB

3. Additionally, you can set the following parameters:

   • max_file_uploads, the maximum number of files allowed to be uploaded simultaneously.
   • memory_limit, the maximum amount of memory in bytes that a script is allowed to allocate.
   • upload_tmp_dir, the temporary directory used for storing files when doing file upload.
   • max_execution_time,the maximum time in seconds a script is allowed to run before it is terminated by the parser.
   • magic_quotes_gpc, should be off, otherwise files sent by Flash uploader may be corrupted.

To make sure that new settings are applied, use the phpinfo() function which outputs information about the current state of PHP.

<?php 
	phpinfo();
?>

Configuring Apache Web Server

If you use the Apache web server, you should also edit the php.conf file:

1. Open the php.conf file. You can find it:

   • on Linux in /etc/httpd/conf.d/php.conf
   • on Windows in <Apache installation folder>\conf\php.conf

2. Change the LimitRequestBody parameter according to the post_max_size value, e.g.:

   LimitRequestBody 104857600

Do not forget to restart your server after modifying its configuration.

Configuring IIS Web Server

If you use the IIS web server, you should follow one of the next configurations.

IIS 7 Configuration

1. Go to C:\Windows\System32\inetsrv\config\applicationHost.config and change

   XML

   <section name="requestFiltering" overrideModeDefault="Deny" />

   to:

   XML

   <section name="requestFiltering" overrideModeDefault="Allow" />

2. Add to your application's web.config the following sections:

   XML

   <system.webServer>
       <security>
           <requestFiltering>
               <requestLimits maxAllowedContentLength ="2147482624" /> <!-- in bytes -->
           </requestFiltering>
       </security>
   </system.webServer>

   XML

   <system.web>
        <httpRuntime maxRequestLength="2097151"/> <!-- in kilobytes -->
   </system.web>

IIS 6 Configuration

Add to your application's web.config the following section:

<system.web>
    <httpRuntime maxRequestLength="2097151"/> <!-- in kilobytes -->
</system.web>

If you have URLScan installed and still experience this problem, go through the following steps:

1. Open the UrlScan.ini file which is typically located at C:\Windows\system32\inetsrv\urlscan folder.
2. Set the MaxAllowedContentLength key to the desired value (in bytes).
3. Save changes and restart IIS.

Do not forget to restart your server after modifying its configuration.