Introduction

When WordPress says the uploaded file exceeds upload_max_filesize, the media library is not the real problem. PHP is rejecting the request before WordPress can process it fully. The fix is to change the active PHP limits in the layer your hosting stack actually uses, then confirm the new values apply to the same runtime that serves WordPress.

Symptoms

  • WordPress blocks media uploads with an upload_max_filesize error
  • Large theme, plugin, or backup uploads fail while small files still work
  • The upload limit shown in Site Health or media screens is lower than expected
  • Editing php.ini appears to change nothing
  • The issue started after moving hosts, changing PHP versions, or switching control panels

Common Causes

  • upload_max_filesize is set lower than the file you are trying to upload
  • post_max_size is too small, so the full request is rejected even if the upload limit looks higher
  • The edited PHP config file is not the one used by the web server or PHP-FPM pool running WordPress
  • Host-level overrides in .user.ini, control panel settings, or pool config replace local changes
  • PHP was reconfigured but the active service was never reloaded, restarted, or switched

Step-by-Step Fix

  1. Confirm the current effective limits from WordPress Site Health, a PHP info page, or host tooling instead of trusting one config file blindly.
  2. Check upload_max_filesize, post_max_size, memory_limit, and request timeout settings together because one lower limit can still block the upload.
  3. Update the active PHP configuration in the correct layer for your host, which may be php.ini, .user.ini, PHP-FPM pool config, Apache config, or a hosting control panel.
  4. Make post_max_size larger than upload_max_filesize so the whole HTTP request can be accepted cleanly.
  5. Reload or restart the relevant PHP and web server services, or wait for host-managed config propagation if your platform applies changes asynchronously.
  6. Retest with a file slightly below the new limit to confirm the runtime is actually serving the updated values.
  7. If the error only affects plugin or theme uploads, also check reverse proxy body-size limits or WAF upload restrictions in front of WordPress.
  8. Use SFTP or host file manager temporarily only if you must bypass the web upload path while finishing a larger recovery action.
  9. Document the chosen limits and the config source of truth so future PHP upgrades do not silently revert them.