diff --git a/config.example.php b/config.example.php
index dee21b3..7811cf1 100644
--- a/config.example.php
+++ b/config.example.php
@@ -9,6 +9,10 @@ $adminPassword = "setAPasswordHere!123";
 // page title
 $pageTitle = "the cool qna";
 
+// only applies to sent messages, responses and cws edited by admins can exceed this limit
+$maxQuestionLength = 10000;
+$maxCWLength = 250;
+
 $pageDomainEnabled = true;
 $pageProto = "https";
 $pagePath = "/qna";
diff --git a/index.php b/index.php
index bc57637..ca4ea27 100644
--- a/index.php
+++ b/index.php
@@ -33,9 +33,9 @@ if ($_GET["sent"] == 1) {
     <summary class="sendsum">send a message!</summary>
     <form class="frm" action="send.php">
       <label for="questioninput">enter your message: </label>
-      <input id="questioninput" name="text" required><br>
+      <input id="questioninput" name="text" required maxlength="<?php echo($maxQuestionLength); ?>"><br>
       <label for="cwinput">cw if applicable: </label>
-      <input id="cwinput" name="cw"><br>
+      <input id="cwinput" name="cw" maxlength="<?php echo($maxCWLength); ?>"><br>
       <input type="checkbox" id="pubbox" name="public" value="1" checked>
       <label for="pubbox">if this is checked, your message will be available publicly</label><br>
       <input type="submit" value="send">
diff --git a/send.php b/send.php
index b1adc0f..e2dca0a 100644
--- a/send.php
+++ b/send.php
@@ -7,8 +7,8 @@ if ($_GET["text"] === null) {
 }
 
 $dataArray = array(
-  "text" => $_GET["text"],
-  "cw" => $_GET["cw"],
+  "text" => substr($_GET["text"], 0, $maxQuestionLength),
+  "cw" => substr($_GET["cw"], 0, $maxCWLength),
   "iscwed" => !($_GET["cw"] === null || $_GET["cw"] === ""),
   "time" => date("Y-m-d H:i:sP"),
   "ispublic" => $_GET["public"] == 1,