ASP.NET file upload exceeds the request content length

In IIS7 environment, there are several limit for ASP.NET can be override by web.config. One of error could be follow:
The request filtering module is configured to deny a request that exceeds the request content length

This problem occurs because by default in IIS 7 enabled requestFiltering that have MaxAllowedContentLength property. It specifies, in bytes, the maximum length of content in a request. The default is 30000000 (approximately 30 megabytes.)

To override the default setting, you could add following to web.config:

<configuration>
   <system.webServer>
      <security>
         <requestFiltering>
            <requestLimits maxAllowedContentLength="100000000"/> 
         </requestFiltering>
      </security>
   </system.webServer>
</configuration>

refer to:
http://www.element-it.com/RequestFilteringModule-maxAllowedContentLength.aspx

Notice above situation only occur on IIS7 or Windows 2008
———————————–

Regarding asp.net upload size limit, there are other limits like executionTimeout & maxRequestLength. If file upload larger then the limit, "Maximum request length exceeded. " error will be shown.

You can add to the site web.config like follow:
<httpRuntime executionTimeout="seconds"
             maxRequestLength="kbytes"
             minFreeThreads="numberOfThreads"
             minLocalRequestFreeThreads="numberOfThreads"
             appRequestQueueLimit="numberOfRequests"
             useFullyQualifiedRedirectUrl="true|false"  />

ref:
http://www.devx.com/vb2themax/Tip/18803
http://aspnetupload.com/HowTo.aspx

Please note that with higher executionTimeout value your site will be more vulnerable by DOS attack.

Share

- has written 121 posts.


Leave a Reply

You must be logged in to post a comment.