Increase upload file size in Asp.Net core

The other answers solve the IIS restriction. However, as of ASP.NET Core 2.0, Kestrel server also imposes its own default limits.

Github of KestrelServerLimits.cs

Announcement of request body size limit and solution (quoted below)

MVC Instructions

If you want to change the max request body size limit for a specific MVC action or controller, you can use the RequestSizeLimit attribute. The following would allow MyAction to accept request bodies up to 100,000,000 bytes.

[HttpPost]
[RequestSizeLimit(100_000_000)]
public IActionResult MyAction([FromBody] MyViewModel data)
{

[DisableRequestSizeLimit] can be used to make request size unlimited. This effectively restores pre-2.0.0 behavior for just the attributed action or controller.

Generic Middleware Instructions

If the request is not being handled by an MVC action, the limit can still be modified on a per request basis using the IHttpMaxRequestBodySizeFeature. For example:

app.Run(async context =>
{
    context.Features.Get<IHttpMaxRequestBodySizeFeature>().MaxRequestBodySize = 100_000_000;

MaxRequestBodySize is a nullable long. Setting it to null disables the limit like MVC's [DisableRequestSizeLimit].

You can only configure the limit on a request if the application hasn’t started reading yet; otherwise an exception is thrown. There’s an IsReadOnly property that tells you if the MaxRequestBodySize property is in read-only state, meaning it’s too late to configure the limit.

Global Config Instructions

If you want to modify the max request body size globally, this can be done by modifying a MaxRequestBodySize property in the callback of either UseKestrel or UseHttpSys. MaxRequestBodySize is a nullable long in both cases. For example:

.UseKestrel(options =>
{
    options.Limits.MaxRequestBodySize = null;

or

.UseHttpSys(options =>
{
    options.MaxRequestBodySize = 100_000_000;

You're probably getting a 404.13 HTTP status code when you upload any file over 30MB. If you're running your ASP.Net Core application in IIS, then the IIS pipeline is intercepting your request before it hits your application.

Update your web.config:

<system.webServer>
    <handlers>
      <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified"/>
    </handlers>
    <aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="false"/>
    <!-- Add this section for file size... -->
    <security>
      <requestFiltering>
        <!-- Measured in Bytes -->
        <requestLimits maxAllowedContentLength="1073741824" />  <!-- 1 GB-->
      </requestFiltering>
    </security>
  </system.webServer>

Previous ASP.Net applications also needed this section, but it's not needed anymore in Core as your requests are handled by middleware:

  <system.web>
    <!-- Measured in kilobytes -->
    <httpRuntime maxRequestLength="1048576" />
  </system.web>

In ASP.NET Core 1.1 project that created by Visual Studio 2017, if you want to increase upload file size. You need to create web.config file by yourself, and add these content:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.webServer>
    <security>
      <requestFiltering>
        <!-- 1 GB -->
        <requestLimits maxAllowedContentLength="1073741824" />
      </requestFiltering>
    </security>
  </system.webServer>
</configuration>

In Startup.cs file, add these content:

public void ConfigureServices(IServiceCollection services)
{
  services.Configure<FormOptions>(x =>
  {
      x.ValueLengthLimit = int.MaxValue;
      x.MultipartBodyLengthLimit = int.MaxValue;
      x.MultipartHeadersLengthLimit = int.MaxValue;
  });

  services.AddMvc();
}

Maybe I am late here but here is the complete solution for uploading a file with a size of more than 30.0 MB in ASP.NET Core Version >=2.0:

You need to do the following three steps:

1. IIS content length limit

The default request limit (maxAllowedContentLength) is 30,000,000 bytes, which is approximately 28.6 MB. Customize the limit in the web.config file:

<system.webServer>
    <security>
        <requestFiltering>
            <!-- Handle requests up to 1 GB -->
            <requestLimits maxAllowedContentLength="1073741824" />
        </requestFiltering>
    </security>
</system.webServer>

Note: without this application running on IIS would not work.

2. ASP.NET Core Request length limit

For application running on IIS:

services.Configure<IISServerOptions>(options =>
{
    options.MaxRequestBodySize = int.MaxValue;
});

For application running on Kestrel:

services.Configure<KestrelServerOptions>(options =>
{
    options.Limits.MaxRequestBodySize = int.MaxValue; // if don't set default value is: 30 MB
});

3. Form's MultipartBodyLengthLimit

services.Configure<FormOptions>(options =>
{
    options.ValueLengthLimit = int.MaxValue;
    options.MultipartBodyLengthLimit = int.MaxValue; // if don't set default value is: 128 MB
    options.MultipartHeadersLengthLimit = int.MaxValue;
});

Adding all the above options will solve the problem related to the file upload with a size of more than 30.0 MB.

In your startup.cs configure FormsOptions Http Feature:

public void ConfigureServices(IServiceCollection services)
{
    services.Configure<FormOptions>(o =>  // currently all set to max, configure it to your needs!
    {
        o.ValueLengthLimit = int.MaxValue;
        o.MultipartBodyLengthLimit = long.MaxValue; // <-- !!! long.MaxValue
        o.MultipartBoundaryLengthLimit = int.MaxValue;
        o.MultipartHeadersCountLimit = int.MaxValue;
        o.MultipartHeadersLengthLimit = int.MaxValue;
    });
}

UseIHttpMaxRequestBodySizeFeature Http Feature to configure MaxRequestBodySize

public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    app.Use(async (context, next) =>
    {
        context.Features.Get<IHttpMaxRequestBodySizeFeature>().MaxRequestBodySize = null; // unlimited I guess
        await next.Invoke();
    });
}

Kestrel:

public static IHostBuilder CreateHostBuilder(string[] args) =>
                    Host.CreateDefaultBuilder(args)
                    .ConfigureWebHostDefaults(webBuilder =>
                    {
                        webBuilder.UseStartup<Startup>.UseKestrel(o => o.Limits.MaxRequestBodySize = null);
                    });

IIS --> web.config:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.web>
    <!-- ~ 2GB -->
    <httpRuntime maxRequestLength="2147483647" /> // kbytes
  </system.web>
  <system.webServer>
    <security>
      <requestFiltering>
        <!-- ~ 4GB -->
        <requestLimits maxAllowedContentLength="4294967295" /> // bytes
      </requestFiltering>
    </security>
  </system.webServer>
</configuration>

Http.sys:

public static IHostBuilder CreateHostBuilder(string[] args) =>
    Host.CreateDefaultBuilder(args)
        .ConfigureWebHostDefaults(webBuilder =>
        {
            webBuilder.UseStartup<Startup>().UseHttpSys(options =>
            {
                options.MaxRequestBodySize = null;
            });
        });

You would ahve to implement your own custom MemoryStream class. But anyway, buffering such large files makes no sense.

Using a web.config might compromise the architecture of .NET core and you might face problem while deploying the solution on Linux or on Mac.

Better is to use the Startup.cs for configuring this setting: Ex:

services.Configure<FormOptions>(x =>
{
    x.ValueLengthLimit = int.MaxValue;
    x.MultipartBodyLengthLimit = int.MaxValue; // In case of multipart
});

Here is a correction:

You need to add web.config as well because when the request hits the IIS then it will search for the web.config and will check the maxupload length: sample :

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.webServer>
    <security>
     <requestFiltering>
    <!-- 1 GB -->
     <requestLimits maxAllowedContentLength="1073741824" />
  </requestFiltering>
</security>

1. In your web.config:

   <system.webServer>
     <security>
       <requestFiltering>
         <requestLimits maxAllowedContentLength="2147483648" />
       </requestFiltering>
     </security>
   </system.webServer>
   

2. Manually edit the ApplicationHost.config file:

   1. Click Start. In the Start Search box, type Notepad. Right-click Notepad, and then click "Run as administrator".
   2. On the File menu, click Open. In the File name box, type "%windir%\system32\inetsrv\config\applicationhost.config", and then click Open.
   3. In the ApplicationHost.config file, locate the <requestLimits> node.

   4. Remove the maxAllowedContentLength property. Or, add a value that matches the size of the Content-Length header that the client sends as part of the request. By default, the value of the maxAllowedContentLength property is 30000000.

      

   5. Save the ApplicationHost.config file.

I will add this for completeness for other unlucky lads like me that ended up here, Source

In Startup.cs:

services.Configure<FormOptions>(options =>
{
    options.MultipartBodyLengthLimit = 60000000;
});

In my case, I needed to increase the file upload size limit, but for a single page only.

The file upload size limit is a security feature, and switching it off or increasing it globally often isn't a good idea. You wouldn't want some script kiddie DOSing your login page with extremely large file uploads. This file upload limit gives you some protection against that, so switching it off or increasing it globally isn't always a good idea.

So, to increase the limit for a single page instead of globally:

(I am using ASP.NET MVC Core 3.1 and IIS, Linux config would be different)

1. Add a web.config

otherwise IIS (or IIS Express, if debugging in Visual Studio) will block the request with a "HTTP Error 413.1 - Request Entity Too Large" before it even reaches your code.

Note the "location" tag, which restricts the upload limit to a specific page

You will also need the "handlers" tag, otherwise you will get a HTTP 404 error when browsing to that path

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <location path="SomeController/Upload">
    <system.webServer>
      <handlers>
        <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
      </handlers>
      <security>
        <requestFiltering>
          <!--unit is bytes => 500 Mb-->
          <requestLimits maxAllowedContentLength="524288000" />
        </requestFiltering>
      </security>
    </system.webServer>
  </location>
</configuration>

2. Next you will need to add the RequestSizeLimit attribute to your controller action, since Kestrel has its own limits too. (you can instead do it via middleware as per other answers if you prefer)

    [HttpPost]
    [RequestSizeLimit(500 * 1024 * 1024)]       //unit is bytes => 500Mb
    public IActionResult Upload(SomeViewModel model)
    {
        //blah blah
    }
   

and for completeness (if using MVC), your view and view model could look like this:

view

<form method="post" enctype="multipart/form-data" asp-controller="SomeController" asp-action="Upload">
    <input type="file" name="@Model.File" />
</form>

View Model

public class SomeViewModel
{
    public IFormFile File { get; set; }
}

and, if you are uploading files greater than 128Mb via form post, you may run in to this error too

InvalidDataException: Multipart body length limit 134217728 exceeded.

So on your controller action you could add the RequestFormLimits attribute

 [HttpPost]
 [RequestSizeLimit(500 * 1024 * 1024)]       //unit is bytes => 500Mb
 [RequestFormLimits(MultipartBodyLengthLimit = 500 * 1024 * 1024)]
 public IActionResult Upload(SomeViewModel model)
 {
     //blah blah
 }