Many web applications have pages for users to upload files. Whether or not it’s a PDF document or image file, IIS has a limit for the size of the content users can upload. If the file size exceeds this limit, the application throws “Error in HTTP request, received HTTP status 413 (Request Entity Too Large)” error.
The default upload size in IIS is 49 KB (49152 bytes). The application logs the error message below if user tries to upload a file that is bigger than the default upload size.
Error in HTTP request, received HTTP status 413 (Request Entity Too Large)
You may ask why this issue occurs for sites protected by SSL. It is because the request body must be preloaded during the SSL handshake process.
Solution for “413 Request Entity Too Large” error
The simplest solution is that increasing the upload size limit. IIS uses
uploadReadAheadSize parameter in
web.config files to control this limit. This parameter specifies the number of bytes that IIS will read to run respective IIS module.
Optional uint attribute.
Specifies the number of bytes that a Web server will read into a buffer and pass to an ISAPI extension or module. This occurs once per client request. The ISAPI extension or module receives any additional data directly from the client. The value must be between 0 and 2147483647.
The default value is
Steps to change the value of this parameter are below. Make sure to increase this value only if your application has to work with files bigger than the default limit (49 KB). Set the new value to the minimum limit which is high enough to upload files successfully.
- Go to IIS Manager
- Select the site that you are hosting your web application under
- In the Features section, double click “Configuration Editor”
- In the “Section” list, select
- Modify the
- Click “Apply”
For security reasons, you may not want to allow changing this parameter in the individual
web.config files because you may want to enforce the settings in the
applicationHost.config. Here is a step-by-step guide to configre IIS accordingly: Configure IIS to ignore web.config files in application subfolders
Another parameter you may want to change is
maxRequestEntityAllowed. This parameter specifies the maximum number of bytes allowed in the request body.
Still seeing the error?
The issue may not be related to IIS configuration. In a case, I saw that this issue was caused by a proxy (WebSEAL) between clients and IIS servers.
If you make a mistake while editing the website configuration, you may receive “Configuration file is not well-formed XML” error. Check this post out to see how to solve this issue: Configuration file is not well-formed XML