Upload File Size in IIS 7+


Today, i was programming to upload document files. When i wanted to upload a file having file size around 31mb, following error popped up:

To avoid this error, i had applied some changes in web.config file. By default, IIS7 limits file upload to 30MB.  If the file size, you want to upload is larger than 30MB, it returns a 404 error. 30MB limit is set in IIS7, so we can change this limit.
To change the value in IIS 7+, do the following steps:

  • Open IIS

  • Select Requests Filtering and open it by double clicking the icon.
  •  Click on ‘Edit Request Filtering Services’ and below popup window will open. The default value of 30 MB (30000000) is shown.


 There is an alternate solution that can be enabled at the site level rather than server-wide. As shown below, i have increased the content lenth from 30 MB to 50 MB in web.config's <system.webServer>

<system.webServer>
        <security>
            <requestFiltering>
                <requestLimits maxAllowedContentLength="524288000"/>
            </requestFiltering>
        </security>
</system.webServer>
Note that the maxAllowedContentLength is in BYTES.

If user try to upload the maximum allowed limit then 404.13 error display, as show in below screen.



To avoid such message from the server, we usually want to display some friendly message to the user. To do so, we have to apply some configuration setting in we.config file, as shown below.

<httpErrors errorMode="Custom" existingResponse="Replace">
      <remove statusCode="404" subStatusCode="13" />
     <error statusCode="404" subStatusCode="13" prefixLanguageFilePath="" path="UploadFile.aspx?e=FileSizeExceed"  responseMode="Redirect" />
</httpErrors>

 For more details about <httpErrors>;
http://msdn.microsoft.com/en-us/library/ms689487(v=vs.90).aspx
http://www.iis.net/configreference/system.webserver/httperrors/error




Comments

Post a Comment

Popular posts from this blog

Data Bound Controls in ASP.Net - Part 4 (FormView and DetailsView controls)

FormView The FormView control is used to display a single record from a data source. It is similar to the DetailsView control, except it displays user-defined templates instead of row fields. Creating your own templates gives you greater flexibility in controlling how the data is displayed. The FormView control supports the following features: ·          Binding to data source controls, such as SqlDataSource and ObjectDataSource. ·          Built-in inserting, updating and deleting capabilities. ·          Built-in paging capabilities. ·          Programmatic access to the FormView object model to dynamically set properties, handle events, and so on. ·          Customizable appearance through user-defined templates, themes, and styles. Templates For the FormView control to display content, you need to create templates for the different parts of the control. Most templates are optional; however, you must create a template for the mode in which the control is configur
Read more

ASP.net: HttpHandlers

Image
HTTPHandlers: ASP.NET handles all the HTTP requests coming from the user and generates the appropriate response for it. ASP.NET framework knows how to process different kind of requests based on extension. For example, it can handle request for .aspx , .ascx and .txt files, etc. When it receives any request, it checks the extension to see if it can handle that request and performs some predefined steps to serve that request. ASP.NET provides a low-level request/response API that enables developers to use .NET Framework classes to service incoming HTTP requests.So as a developer, One might want to handle some new kind of requests such as requests for .jpg or .gif. ASP.NET provides HTTPHandler to handle requests for .jpg or .gif. An ASP.NET HTTP handler is the process or endpoint that runs in response to a request made to an ASP.NET Web application. The most common handler is an ASP.NET page handler that processes .aspx files. When users request an .aspx file, the requ
Read more

The Clickjacking attack and X-Frame-Options

Clickjacking  Clickjacking is a type of “web framing” or “UI redressing” attack. What that simply means in practice is that: 1. A user (victim) is shown an innocuous, but enticing web page (think watch online video) 2. Another web page (that generally does something important – think add friends on social network) is layered on top of the first page and set to be transparent 3. When the user thinks they are clicking on the web page they see (video), they are actually clicking on the higher layered (framed) page that is transparent There are two main ways to prevent clickjacking: 1.     Sending the proper X-Frame-Options HTTP response headers that instruct the browser to not allow framing from other domains 2.     Employing defensive code in the UI to ensure that the current frame is the most top level window Using X-Frame-Options X-Frame-Options  originally invented by Microsoft for IE8, but supported by a number of browsers, this idea might have more
Read more