Please be advised that setting a large post_max_size or upload_max_filesize for a complete server or a complete virtual host is not a good idea as it may lead to increased security risks.
The risk is that an attacker may send very large POST requests and overloading your server memory and CPU as it has to parse and process those requests before handling them to your PHP script.
So it's best to limit changing this setting to some files or directories. For example if I want to /admin/files/ and /admin/images/ I can use:
<If "%{REQUEST_URI} =~ m!^/admin/(files|images)/! && -n %{HTTP_COOKIE}">
php_value post_max_size 256M
php_value upload_max_filesize 256M
</If>
I also require the request to have a cookie to avoid basic attacks. This will not protect you against attacks coming from non-authenticated users, but may delay any attack.
This setting can be used in Apache server configuration files, and .htaccess files as well.
