Large file uploads in ASP.NET
Uploading files via the FileUpload control gets tricky with big files. The default maximum filesize is 4MB – this is done to prevent denial of service attacks in which an attacker submitted one or more huge files which overwhelmed server resources. If a user uploads a file larger than 4MB, they’ll get an error message: “Maximum request length exceeded.”
Increasing the Maximum Upload Size
The 4MB default is set in machine.config, but you can override it in you web.config. For instance, to expand the upload limit to 10MB, you’d do this:
<httpRuntime> executionTimeout=”600″ maxRequestLength=”10240″
Since the maximum request size limit is there to protect your site, it’s best to expand the file-size limit for specific directories rather than your entire application. That’s possible since the web.config allows for cascading overrides. You can add a web.config file to your folder which just contains the above, or you can use the tag in your main web.config to achieve the same effect.