PhpSecInfo Test Information
Checks if upload_max_filesize is greater than 256KB.
upload_max_filesize limits the maximum size of files that PHP will accept through uploads. Attackers may attempt to send grossly oversized files to exhaust your system resources; by setting a realistic value here you can mitigate some of the damage by those attacks. By default, PHP sets this value to 2MB.
You can set upload_max_filesize in the php.ini file:
; Lower upload_max_filesize for security reasons upload_max_filesize = 256K
The setting can also be applied in apache's httpd.conf file, or an .htaccess file:
# Lower upload_max_filesize for security reasons php_value upload_max_filesize 256K