Question on max upload size for PHP

[Chris1]

I've had a couple of clients lately run into the default max upload size for PHP of 2MB, it is easy enough to adjust this in the domains PHP settings however is there a downside to allowing a much larger upload size by default?

Are there are security issues?
Is it kept low to keep resource usage under control?

 

[IgorG]

As far as I know it is just default PHP value.
It is task of administrator to variate this value depending on any risks.

 

[Chris1]

Hi Igor,

I understand what you mean but what sort of risks can be exposed by lifting the default value?

 

[UFHH01]

Hi Chris1,

there are no risks at all ( but the one, that if you host many domains, it might increase your server load ). The default setting for "max_upload_size" is at "2MB" for years now and no vendor seem to adjust the limit within the last years to a higher limit. You might notice as well, that some vendors even keep on having a "y2k_compliance" setting.