Saturday, January 22, 2011

HTTP Error 404.13 - Not Found : The request filtering module is configured to deny a request that exceeds the request content length

I was developing an application that allows user to upload files to the server using the <asp:FileUpload/> control. In order to make sure that users can upload large files, I configured the web.config as follows to allow larger files to be uploaded (The default setting is 4 MB):

<httpRuntime maxRequestLength="512000"/><!--To allow up to 500MB-->

While testing the file upload functionality from within the visual studio development server (Right clicking on the aspx file and selecting browse), I found it working quite fine. But surprisingly, after hosting the web site onto IIS (IIS 7), I found the file uploading functionality was no longer working, and, it was broken while trying to upload large files (I was trying with a file over 40MB in size). Following is the screen shot of the error message that I got:

Figure : The error message from IIS while trying to upload a large file

The error page also suggested me to do the followings:

"Verify the configuration/system.webServer/security/requestFiltering/requestLimits@maxAllowedContentLength setting in the applicationhost.config or web.config file."

So, as suggested, I did the following configuration in the web.config of my web site(By setting maxAllowedContentLength value in Bytes):

  <modules runAllManagedModulesForAllRequests="true"/>
      <requestLimits maxAllowedContentLength="512000"></requestLimits>
Guess what, it didn't work out! After modification when I tried to upload the file again, the same problem occured again. What happened?

According to the error message, the web.config or applicationhost.config should be configured according to the above suggestion. Modifying web.config didn't work out. So, the applicationhost.config could be modified to see what happens.

Wait a minute! the applicationhost.config is the configuration file of IIS (IIS7.0 or heigher). Does that mean IIS has a Request size validation?

Yes it has. Until IIS 7.0 there was no Request size validation, but since IIS 7.0, the Request length is verified by IIS first, before deliverying the Request to

So, to be true, it doesn't really make any sense to increase the maxAllowedContentLength value in web.config. The Request dies even before reaching the So, whatever is to be configured, it has to happen at IIS.

Well, as I figured out, there are two ways you can configure this value in IIS:

1. Configuring the applicationhost.config

Open the %WINDIR%\System32\inetsrv\config\applicationHist.config in editor and specify the following configuration within the security/requestFiltering section(By setting maxAllowedContentLength value in Bytes):

      <requestLimits maxAllowedContentLength="512000000"></requestLimits>


Modifying the above configuration worked for me in one PC (Running Windows 7+IIS 7.0), but, didn't work on another one (Running Windows Vista + IIS 7.0). After configuring the applicationHost.config file, I tried to upload the large file and the same error message was appearing again. I don't know why, but, if you have the same experience, applying the following approach (Configuring via IISManager) would definitely work. 

2. Configuring via IISManager

Open the IIS Manager and select the site or application you need to configure in the left panel

Select "Features View" and double click on the "Request Filtering" icon.

Figure : Request Filtering

Note :

If you can't find the "Request Filtering"icon, you need to install the IIS Administration Pack from this link : This is a lightweight installation which shouldn't take too much time on a decent internet speed.

Double clicking on the "Request Filtering"icon will bring up the Request filtering configuration window. Right click on the window and select the "Edit Feature Settings" option:

Figure : Edit Feature Settings option in IIS

Finally, specify the Maximum allowable content length (In Byte) in the following window and click "OK" to save:

Figure : Specifying Maximum allowable content length in Bytes

This worked perfect for me and I was able to upload the large file now without any problem. Hope, this will work for you too :)


Ravi said...

this is cool to learn

Anonymous said...

Thank you for the background-info, couldn't figure out what was wrong :)

Durga V said...

Thank you very much for sharing this info.

Chirag said...

Very nice, easy to learn, I get my solution.... Thanks bro..

Anonymous said...

Thank You.
I tried several options before this all to no avail.

Anonymous said...

Thanks for sharing a great post. it worked like a charm! Great work!

michael said...

Thanks! Your article is very well laid out with helpful images and useful information. I still don't see the Request Filtering icon in IIS, but I fixed what I needed to (for uploading a large database sql file in phpMyAdmin for MySQL), thanks to your article and .
Many thanks,

Anonymous said...

Thanks Brother its working


Surendra said...

thanks dude :)

Anonymous said...

Cheers buddy! Life saver!!

Anonymous said...

You saved us $20,000 Thank you brother from another mother...

Anonymous said...

Good Job Body.

Matt said...

Gracias! was pulling my hair out on this one!

Anonymous said...

Thanks for the article - sorted out my issue immediately.

Anonymous said...

thanks a lot! it helped me a lot!

Anonymous said...

My developer had no idea what was causing the issue. Once we say the detailed error 404.13 I found your article and had it fixed in 5 minutes. Thanks alot for posting.

deweshpushkar said...

Superb yaar thanks a lot........

Anonymous said...

Actually, a gotcha is that the maxAllowedContentLength is in Bytes and not KiloBytes as your first example that you said didnt work shows. You probably thought you were trying almost 500 mb but 52000 = .05 mb when it is in bytes. If you would have put 512000000 in your first example it would have probably worked. Hope this helps some folks.

Lucas said...

Thanks for being better than MSDN :D

Post a Comment