IIS7 - The request filtering module is configured to deny a request that exceeds the request content length

Question

I want to upload images, it works fine on my machine but when I put my website on IIS7 server for public I can't upload anything.

Error

The request filtering module is configured to deny a request that exceeds the request content length.

Most likely causes

Request filtering is configured on the Web server to deny the request because the content length exceeds the configured value.

Things you can try

Verify the configuration/system.webServer/security/requestFiltering/requestLimits@maxAllowedContentLength setting in the applicationhost.config or web.config file.

system.webServer in Web.config

  <system.webServer>
    <validation validateIntegratedModeConfiguration="false" />
    <modules runAllManagedModulesForAllRequests="true" />
    <security>
      <requestFiltering>
         <requestLimits maxAllowedContentLength="1048576" />
      </requestFiltering>
   </security>
  </system.webServer>

As you can see I set my maxAllowedContentLength to 1gb. Restarted my website and still getting this error. I made an /uploads/ folder on my file system where it suppose to be as well. Have no idea what causes this error and why I can't upload images.

maxAllowedContentLength is in bytes. You've set a 1MB limit. http://msdn.microsoft.com/en-us/library/ms689462%28VS.90%29.aspx — StuartLC, Jun 03 '12 at 16:25
Latest MSDN documentation is in KB: https://msdn.microsoft.com/en-us/library/system.web.configuration.httpruntimesection.maxrequestlength(v=vs.110).aspx — Vince I, Jul 24 '18 at 14:40

score 50 · Accepted Answer · edited Jun 10 '20 at 18:07

50

<configuration>
    <system.web>
        <httpRuntime maxRequestLength="1048576" />
    </system.web>
</configuration>

From here.

For IIS7 and above, you also need to add the lines below:

 <system.webServer>
   <security>
      <requestFiltering>
         <requestLimits maxAllowedContentLength="1073741824" />
      </requestFiltering>
   </security>
 </system.webServer>

edited Jun 10 '20 at 18:07

niico

11,206
23
78
161

answered Jun 03 '12 at 16:41

Stan

25,744
53
164
242

22

you are missing half the story.. you need to configure also **MaxAllowedContentLength** – iamnicoj Jan 05 '16 at 01:36
2

@LaPuyaLoca is correct, this is half an answer, I think the full one is provided [here](http://stackoverflow.com/a/40085473/2912011). – David Rogers Feb 02 '17 at 21:45

stink · Answer 2 · 2015-08-06T13:30:14.160

3

The following example Web.config file will configure IIS to deny access for HTTP requests where the length of the "Content-type" header is greater than 100 bytes.

  <configuration>
   <system.webServer>
      <security>
         <requestFiltering>
            <requestLimits>
               <headerLimits>
                  <add header="Content-type" sizeLimit="100" />
               </headerLimits>
            </requestLimits>
         </requestFiltering>
      </security>
   </system.webServer>
</configuration>

Source: http://www.iis.net/configreference/system.webserver/security/requestfiltering/requestlimits

edited Aug 06 '15 at 13:30

answered Jan 12 '15 at 18:14

stink

865
8
19

could you please explain what you did to fix the issue? – Malachi Aug 03 '15 at 21:29
1

I don't know how, but this solution worked for me. I was having configuration error saying: `HTTP Error 404.7 - Not Found. The request filtering module is configured to deny the file extension.` while trying to run existing `wcf` project in `Role` of new `Azure Cloud Service`. I added these lines in `web.config` of existing `wcf` project, and it worked – Zeeshan Aug 29 '15 at 07:30
@zeeshan I wouldn't spend too much time troubleshooting Azure server configs.... There are some other gotchas. – stink Aug 30 '15 at 00:14

score 0 · Answer 3 · answered May 07 '18 at 21:07

0

I had similar issue, I resolved by changing the requestlimits maxAllowedContentLength ="40000000" section of applicationhost.config file, located in "C:\Windows\System32\inetsrv\config" directory

Look for security Section and add the sectionGroup.

<sectionGroup name="requestfiltering">
    <section name="requestlimits" maxAllowedContentLength ="40000000" />
</sectionGroup>

*NOTE delete;

<section name="requestfiltering" overrideModeDefault="Deny" />

answered May 07 '18 at 21:07

AlexanderAdade

51
3

This method is not helpful at all. When I delete as your note the file applicationhost.config ran into error – Kyle Houston - Phi Anh Mar 01 '22 at 06:26

Raven · Answer 4 · 2023-08-28T10:12:13.903

0

I used it like this and it worked for me :

Added this in web.config

 <security>
  <requestFiltering>
    <requestLimits maxAllowedContentLength="1073741824" />
  </requestFiltering>
</security>

Also added this on my controller's method

    [RequestFormLimits(MultipartBodyLengthLimit = 1073741824)]
    public async Task<IActionResult> Upload(IFormFile file)
    {
        // file code here
    }

edited Aug 28 '23 at 10:12

answered Jun 12 '23 at 08:45

Raven

31
8

IIS7 - The request filtering module is configured to deny a request that exceeds the request content length

Error

Most likely causes

Things you can try

system.webServer in Web.config

4 Answers4

Linked

Related