diff --git a/modules/exploits/unix/webapp/php_eval.rb b/modules/exploits/unix/webapp/php_eval.rb
index 50ee672fbc..56594d522f 100644
--- a/modules/exploits/unix/webapp/php_eval.rb
+++ b/modules/exploits/unix/webapp/php_eval.rb
@@ -32,9 +32,12 @@ class Metasploit3 < Msf::Exploit::Remote
 			'Arch'           => ARCH_PHP,
 			'Payload'        =>
 				{
-					'Space'       => 4000,
+					# max header length for Apache,
+					# http://httpd.apache.org/docs/2.2/mod/core.html#limitrequestfieldsize
+					'Space'       => 8190,
 					# max url length for some old versions of apache according to
 					# http://www.boutell.com/newfaq/misc/urllength.html
+					#'Space'       => 4000,
 					'DisableNops' => true,
 					'BadChars'    => %q|'"`|,  # quotes are escaped by PHP's magic_quotes_gpc in a default install
 					'Compat'      =>
diff --git a/modules/exploits/unix/webapp/php_include.rb b/modules/exploits/unix/webapp/php_include.rb
index dffb9e5221..4bbd7c7961 100644
--- a/modules/exploits/unix/webapp/php_include.rb
+++ b/modules/exploits/unix/webapp/php_include.rb
@@ -40,7 +40,9 @@ class Metasploit3 < Msf::Exploit::Remote
 						{
 							'ConnectionType' => 'find',
 						},
-					'Space'       => 32768,
+					# Arbitrary big number. The payload gets sent as an HTTP
+					# response body, so really it's unlimited
+					'Space'       => 262144, # 256k
 				},
 			'DefaultOptions' =>
 				{