Fixing the HTTP 413 (Request Entity Too Large) Error in WordPress

Fixing the HTTP 413 (Request Entity Too Large) Error in WordPress

Here’s a quick article on an error that the blog has been running into over the weekend. While hard at work on our farming RPG tutorials, we ran into an error when trying to save or publish our (very large) accompanying articles for the videos.

Fixing the entity request too large error
Without opening Developer Tools, you’ll just get a notification when saving your post that (your) response is not a valid JSON response.

Not a file upload error

If you were to do a Google search using the terms found in this article, you will find a lot of results telling you that this error is related to file uploads in WordPress. This is not the problem we were having, but if your issue came from a file upload, then your error is happening because you are trying to upload a file larger than PHP allows.

To rectify this, you will have to head to php.ini in your server, and increase the following limits so that it is larger than the file you are uploading:

  • upload_file_maxsize: The maximum size of a file that your website can receive.
  • post_max_size: This determines how much data can be sent to your website in a single post request. Since files are always submitted as part of the post request, this needs to be larger than or at least equal to upload_file_maxsize.
  • memory_limit: This is the total amount of memory that PHP is allowed to use on your server. This should at least be equal to post_max_size, but practically speaking, it should be significantly larger than both the values above.

If your website has cPanel access, you will have to update php.ini through your cPanel. Below is a video that goes through how to do it.

If you have ModSecurity running on your server, read further on, as you will also need to make sure that your file uploads meet the limits set in ModSecurity.

Article continues after the advertisement:

The error: ModSecurity is restricting the files

Looking into our log files, we found the following message:


[client] ModSecurity: Request body no files data length is larger than the configured limit (131072).. Deny with code (413)

Essentially, it is saying that ModSecurity has denied the data that WordPress is sending in and responding with a HTTP 413 error.

To rectify this, we will have to head into ModSecurity’s configurations. In most Linux / Unix-based distributions, you should be able to find the configuration files in /etc/modsecurity/modsecurity.conf.

The attributes you are interested in are the following:


SecRequestBodyLimit 128107200
SecRequestBodyNoFilesLimit 131072

The attributes restrict 2 things:

  • SecRequestBodyLimit restricts the size of post requests with files.
  • SecRequestBodyNoFilesLimit restricts the size of post requests without files.

As saving a WordPress post does not require the saving of files, the size of our posts was limited to a mere 131072 bytes (about 128 kB). Hence, increasing the SecRequestBodyNoFilesLimit solved our problems.

If your error is caused by a file upload, you will have to also increase the SecRequestBodyLimit value, in addition to increasing the limits listed above.


If you don’t have direct access to the ModSecurity configurations in your server (i.e. you are running on a cPanel web host), you will have to log in to cPanel to change your ModSecurity settings. You can also consider disabling ModSecurity altogether.

Leave a comment if you have any other solutions to share!

Article continues after the advertisement:

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: You can use Markdown to format your comments.

This site uses Akismet to reduce spam. Learn how your comment data is processed.