From 109f6a49847021b980ee0bf51de3f2458d2f4fc1 Mon Sep 17 00:00:00 2001
From: Phan An <me@phanan.net>
Date: Mon, 17 Apr 2023 00:10:34 +0200
Subject: [PATCH] feat: add sensitive default upload settings

---
 nginx.conf.example       | 1 +
 public/.htaccess         | 3 +++
 public/.user.ini.example | 6 +++---
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/nginx.conf.example b/nginx.conf.example
index e974f905..815b5650 100644
--- a/nginx.conf.example
+++ b/nginx.conf.example
@@ -9,6 +9,7 @@ server {
   gzip_comp_level  9;
 
   send_timeout    3600;
+  client_max_body_size  50M;
 
   location / {
     try_files   $uri $uri/ /index.php?$args;
diff --git a/public/.htaccess b/public/.htaccess
index 675c8eda..9debde5f 100644
--- a/public/.htaccess
+++ b/public/.htaccess
@@ -105,3 +105,6 @@
   </IfModule>
 
 </IfModule>
+
+php_value upload_max_filesize 50M
+php_value post_max_size 50M
diff --git a/public/.user.ini.example b/public/.user.ini.example
index eaf240b0..c439ad69 100644
--- a/public/.user.ini.example
+++ b/public/.user.ini.example
@@ -1,6 +1,6 @@
 ; If your server uses a CGI/FastCGI SAPI, PHP supports per-directory configuration
 ; via .user.ini files. For example, you can increase the upload file and post size
-; limits by setting the desired values here renaming this file into .user.ini.
+; limits by setting the desired values here and renaming this file into .user.ini.
 
-upload_max_filesize = 20M
-post_max_size = 21M
+upload_max_filesize = 50M
+post_max_size = 50M