HTTP 413 Content Too Large
HTTP 413 Content Too Large means the server is refusing to process the request because the request body exceeds the maximum size the server is configured to accept. The name changed from "Request Entity Too Large" to "Content Too Large" in RFC 9110. This code is most commonly encountered when uploading files that exceed the server's configured limit.
Quick reference
| Code | 413 |
|---|---|
| Name | Content Too Large |
| Category | 4xx Client Errors |
| Specification | RFC 9110 §15.5.14 |
| IANA status | Assigned |
| Cacheable | No |
| Client action | Reduce the request body size or use chunked/multipart upload. Check server upload size limits. |
| In-depth guide | HTTP 413 full guide → |
What HTTP 413 means
RFC 9110 defines 413 as indicating that the server is refusing to process a request because the request content is larger than the server is willing or able to process. The server may close the connection to prevent the client from continuing to send the request body.
413 is returned before processing the body — the server checks the Content-Length header (or monitors the incoming body size) and rejects requests that exceed its configured limit. The client's upload is cut off and the server responds with 413.
If the server allows future requests with smaller content, it may include a Retry-After header, though this is uncommon for 413. The server should also close the connection if the client has already started sending a large body to prevent unnecessary data transfer.
Common causes and server configurations
nginx client_max_body_size
nginx's default client_max_body_size is 1MB. Any request body larger than this receives a 413. To increase it: add client_max_body_size 50m; to your nginx server or location block. Set it to 0 to disable the limit (not recommended in production).
Apache LimitRequestBody
Apache's LimitRequestBody directive controls the maximum request body size. The default is 0 (unlimited), but many configurations set it explicitly. Add or modify LimitRequestBody 52428800 (50MB in bytes) in your Apache configuration or .htaccess file.
PHP upload_max_filesize and post_max_size
PHP has its own upload limit independent of the web server: upload_max_filesize limits individual file size, and post_max_size limits the total POST body. Both must be large enough to accept the intended upload. Setting nginx's client_max_body_size higher than PHP's post_max_size is common — ensure both are configured consistently.
Application framework limits
Many frameworks impose their own body size limits independently of the web server: Express.js uses express.json({ limit: '10mb' }) and express.urlencoded({ limit: '10mb' }), Django uses DATA_UPLOAD_MAX_MEMORY_SIZE, Spring Boot uses spring.servlet.multipart.max-file-size.
CDN and proxy limits
CDNs like Cloudflare impose their own upload limits (Cloudflare free tier: 100MB). If the CDN rejects the upload before it reaches the origin server, the 413 comes from the CDN, not the origin. Large file upload architectures often use pre-signed URLs to bypass the CDN entirely.
How to fix a 413
- Identify where the 413 is generated. Check response headers for
ServerorCF-Rayto determine if it is from nginx, Apache, a CDN, or your application. - Increase the limit on the appropriate layer. Update nginx
client_max_body_size, ApacheLimitRequestBody, and framework body size settings consistently. - Use multipart or chunked uploads. For very large files, use multipart upload APIs (like S3 multipart) or chunked transfer encoding to split the upload into smaller pieces.
- Pre-signed URLs for direct-to-storage uploads. Generate a pre-signed URL to upload directly to S3, GCS, or Azure Blob Storage from the client, bypassing your application server and its limits entirely.
- Validate file size client-side. Check file size in the browser before sending. Return a user-friendly error before the upload attempt rather than receiving a 413 mid-upload.
FAQ
What does HTTP 413 Content Too Large mean?
HTTP 413 means the request body is larger than the server is configured to accept. Reduce the upload size or increase the server's configured limit.
Why does my upload work locally but fail in production?
Development environments often have no upload size limits configured. Production environments typically set explicit limits via nginx, Apache, or the application framework. Check all layers of your production stack for size limits.
Where do I change the upload size limit?
It depends on your stack. For nginx: client_max_body_size. For Apache: LimitRequestBody. For PHP: upload_max_filesize and post_max_size. For Express: body parser limit options. Check every layer between the client and the storage backend.
Is there a standard maximum upload size?
No. Each server, framework, and CDN sets its own limits. Common defaults: nginx 1MB, Cloudflare 100MB (free), AWS API Gateway 10MB, Express.js 100KB for JSON bodies.
Related resources
On this site: HTTP 413 Content Too Large — full guide · HTTP 414 URI Too Long · HTTP 431 Request Header Fields Too Large · All 4xx client errors
Standards: RFC 9110 §15.5.14 · IANA HTTP Status Code Registry · MDN Web Docs: 413