The Error Message
You’re likely here because a large form submission just failed. This warning typically appears in admin dashboards or e-commerce checkouts when you try to process hundreds of fields at once:
PHP Warning: Unknown: Input variables exceeded 1000. To increase the limit change max_input_vars in php.ini.
What Causes This Warning?
PHP introduced the max_input_vars directive in version 5.3.9. It acts as a security guard against Hash Compatibility Denial of Service (DoS) attacks. This setting caps the number of input variables—GET, POST, and COOKIE combined—that a single request can handle.
The default limit is 1000. Imagine a product grid with 200 rows, where each row has 6 inputs (price, SKU, stock level, etc.). That's 1,200 variables. You'll hit the ceiling instantly. When this happens, PHP silently drops the extra data. You won't see a crash on the frontend, but you'll end up with "partial saves" and missing information in your database.
Step-by-Step Fixes
Pick the method that matches your server access level to increase the limit.
Method 1: Edit php.ini (Global Access)
If you manage your own server, this is the cleanest solution.
- Find your
php.inifile. If you aren't sure where it's hidden, runphp -i | grep "Loaded Configuration File"in your terminal. - Search for
max_input_vars. If a semicolon (;) starts the line, remove it to uncomment the setting. - Bump the value to 3000 or 5000:
max_input_vars = 3000
- Save and restart your service for changes to take effect.
# For Apache
sudo systemctl restart apache2
# For Nginx + PHP-FPM
sudo systemctl restart php8.2-fpm
Method 2: Edit .htaccess (Apache)
On shared hosting where you can't touch the main config, use the .htaccess file in your project root. Add this line:
php_value max_input_vars 3000
Note: This only works if your server runs PHP as an Apache module (mod_php).
Method 3: Edit .user.ini (CGI/FastCGI)
Modern hosts using Nginx often support .user.ini files. Create one in your public root directory and add:
max_input_vars = 3000
Method 4: PHP-FPM Pool Config (Nginx)
If you use Nginx with PHP-FPM, you can isolate the change to a specific pool (e.g., /etc/php/8.2/fpm/pool.d/www.conf). This is ideal for multi-tenant servers. Add:
php_admin_value[max_input_vars] = 3000
Restart PHP-FPM after saving.
Verify the Fix
Don't assume it worked. Confirm the new limit by creating a temporary info.php file in your web root:
<?php phpinfo(); ?>
Visit yourdomain.com/info.php and search for max_input_vars. Look for your new value under "Local Value." Delete this file immediately after checking to prevent security leaks.
Prevention & Best Practices
While bumping the limit fixes the symptoms, consider these long-term adjustments:
- Audit your UI: Does a user really need to edit 500 rows on one screen? Consider pagination or breaking the form into multi-step wizards.
- Use JSON: For complex data, send a single JSON string via AJAX. This bypasses the variable count limit entirely since the whole payload counts as just one variable.
- Check your syntax: A single typo in
php.inican cause server errors. When managing complex configurations, I use tools like the YAML ↔ JSON Converter to validate data structures before deploying them to production. - Security balance: Don't set the limit to 100,000 without a reason. Keeping it around 3,000–5,000 protects your server from resource exhaustion attacks.