diff --git a/server.js b/server.js
index 0228cda..f2657d6 100644
--- a/server.js
+++ b/server.js
@@ -56,6 +56,14 @@ app.post('/image', uploadMulter.single('image'), async (req, res) => {
   if (reqFile == null) {
     return res.status(400).send(JSON.stringify({ success: false, message: 'No file uploaded.' }));
   }
+  if (reqFile.size > 10000000) {
+    fs.rm(reqFile.path, (err) => {
+      if (err) {
+        console.error("Error deleting too-large temp file", reqFile.path, "with error (but continuing):", err);
+      }
+    });
+    return res.status(400).send(JSON.stringify({success: false, message: 'File size is too large. Maximum file size is 10MB.'}));
+  }
 
   try {
     const decoded = await decodeJwt(req, res)
@@ -232,7 +240,7 @@ app.post('/image', uploadMulter.single('image'), async (req, res) => {
 });
 
 /**
- * DELETE endpoint
+ * DELETE endpoint, with 204 on successful delete
  * returns { success: true } if successful
  * returns { success: false, message: string } if not successful
  */