How to Increase File Upload Size in WordPress

By Dr. Sol Adoni

Dr. Adoni is the Author of over 100 Books

He is an expert on WordPress and Internet Security

The easiest for most users of WordPress who are on networks that are not that secure such as Godaddy, you can install a ‘plugin’ to Incres File Upload size.

Some hosts such as Godaddy will allow a plugin to write an .ini file and that is what controls the core of WP (WordPress). More secure networks will not allow a script or plugin to write .ini files, it’s a hackers dream to have wide open .ini file write permissions.

Depending on your host requires, upload size will be in either php.ino or php5.ini and stored in the ‘wp-admin’ directory on your account.

To manually increase the low limits the WP Core puts on their CMS program which is a small 2MB upload limit intended to help sites that allow the ‘public’ upload privileges so a hacker can’t overload a hard-drive, you need to have a php.ini or php5.ini file with a simple file size override for WP to increase the 2MB upload limit they have on images and such.

The majority of sites will be able to increase the 2MB image limit with a php.ini file. If you try php.ini and after a cache refresh it doesn’t work, then rename the php.ini file to php5.ini.

What needs to be inside the php.ini or php5.ini file is a simple line of code setting larger limits. If you hosting company allows a plugin to create a .ini file the plugins for increasing file upload sizes will work. But more secure hosting companies would never allow a script to write an .ini file.

So for advanced managers of a WP install that know how to create a .txt file and upload via FTP, this is the code you put into a php.ini file.

upload_max_filesize = 128M;
post_max_size = 128M;

You can change the number 128 to the size you want. 16, 32, 64 or leave it at 128. If you need larger files then use 256 instead of 128.

The DANGER of having large upload limits is IF your site allows the public to ‘contribute’ and upload images and such, then a hacker can write a simple upload script and fill up your storage limits easily. Even if you have a dedicated server with 1TB or more of storage, which most companies do not have, allowing large files to be uploaded by the public is asking a hacker to take out your site.