Blocking 413 errors in NGINX: What I usually see is that developers tend to increase the max upload size limit of nginx to absurd levels and handle the validation in the application. Why not block it here in NGINX right away?

your-app.conf

server {
    listen 80;
    server_name dev.your-app.com;
    
    server_tokens off;

    location / {
        return 301 https://$host$request_uri;
    }

    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
    }
}

server {
    listen 443 ssl;
    server_name dev.your-app.com;

    # Hides server details
    server_tokens off;

    index index.php index.html;
    error_log  /var/log/nginx/error.log;
    access_log /var/log/nginx/access.log;

    root /var/www/public;
    ssl_certificate /etc/letsencrypt/live/dev.your-app.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/dev.your-app.com/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    # Use current default of 1M, uncomment below if we need larger files.
    # client_max_body_size 2M;
    error_page 413 @entity_too_large;
    
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass app:9000;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
    }

    location / {
        try_files $uri $uri/ /index.php?$query_string;
        gzip_static on;
    }

    location @entity_too_large {
        default_type application/json;
        add_header X-debug-message "413 Blocked in NGINX" always;
        return 413 '{"error": {"status_code": 413, "status": "Request Entity Too Large", "message": "You may be trying to upload a file that is too large"}}';
    }
}