Support

No. Whoever gave you that advice should be tarred, feathered and stringed. The upload and POST size are not security features. They are preferences. The max upload size defines what is the maximum size a single file uploaded to your server can be. When hosting accounts had 20MB of disk space it made sense to set it to 50K or less. With hosting accounts having several GB of space and upload security being orders of magnitude improved over the early '00s there is no point having this too low.

The maximum POST size defines what is the maximum size of data a POST request can have. This does not apply just to downloads. It has to be at least the max upload file size times the number of files you expect to upload at any given time.

Akeeba Backup DOES NOT have a requirement for these settings. The only thing you can upload to Akeeba Backup is exported settings files which are less than 100KB.

Joomla!, however, lets you install extensions by uploading their packages to your server. By necessity of having to upload files, both of these settings need to be at least as high as the size of the package you are uploading. Akeeba Backup IS NOT the only extension that's around 2.4MB. Last time I checked, HikaShop was a hefty extension too.

Also, upload & install is NOT the only method to install extension. Akeeba Backup in particular (and all of our extensions) has embraced the Install From URL since 2012, when Joomla! made it technically possible. When you go to the Download page you can click on All Files and then copy the Direct Link URL. There are instructions on that page about how to use this feature of our site.

Key points:
1. There is no need to set these settings so low; they offer no security
2. Even if you do, you are NOT violating a requirement of our software; you just make it impossible to install any extension of substantial size on your site.
3. If you want to install our software despite such a low setting you can always do that with Install from URL.

I hope that helps :)

It depends. If your server is using PHP over CGI/FastCGI and it allows setting up PHP variables through .htaccess, yes, it will work. If they are using PHP-FPM (FastCGI Process Manager) it may take a long time or a service restart for the new values to take effect. On some servers you may have to use a .user.ini file instead - or another name, depending on how your server is configured.

So this is really something you should ask your host. The answer is contingent to how they've configured the server.

I can tell you that on my Apache servers (live and testing) I use FastCGI and I do allow PHP configuration variables to be set through the .htaccess file. Therefore on my servers what you said is correct :)

You are welcome! I am glad I could help you :)

It doesn't really matter. These directives are not positional :)

I already told you you might need a .user.ini and that you should ask your host. Do you now see why I write this kind of responses? I am not trying to be difficult, I do not want to dismiss you, I am not masking ignorance (quite the contrary) and I am not trying to make your issue someone else's problem: I just know how servers work for I have configured plenty of my own. I also know that there's no way to know what will work unless you've either configured the server or have root access and nothing to do with your life. Hence my advice to ask the host before trying anything: they've configure the server and they know what will work and what won't work. It's the path of least resistance ;)