You may receive a 403 error when you use an ASP request to upload a large file in Internet Information Services

When you use an Active Server Pages (ASP) request to upload a large file to a computer where Microsoft Internet Information Services (IIS) 5.0, Microsoft Internet Information Services (IIS) 5.1, or Microsoft Internet Information Services (IIS) 6.0 is installed, the upload may fail. You may also receive a 403 error response or an error message that is similar to one of the following:

Error message 1Error message 2When you post lots of form data to an ASP page, you may receive an error message that is similar to the following:Additionally, the file upload may fail when you use the Response.binaryWrite method.

You experience one or more of these symptoms even though the same file upload worked in earlier versions of IIS.

This issue occurs if a Content-Length header is present and if the Content-Length header specifies an amount of data that is larger than the value of the AspMaxRequestEntityAllowed property in the IIS metabase. The default value for the AspMaxRequestEntityAllowed property is 204,800 bytes.

Note This metabase property was first included in the October 2002 cumulative update for IIS. This metabase property is included in a default installation of IIS 6.0.

Warning If you edit the metabase incorrectly, you can cause serious problems that may require you to reinstall any product that uses the metabase. Microsoft cannot guarantee that problems that result if you incorrectly edit the metabase can be solved. Edit the metabase at your own risk.

Note Always back up the metabase before you edit it.

To resolve this issue, modify the value in the AspMaxRequestEntityAllowed property to set the maximum number of bytes that are permitted in the entity body of an ASP request. To do this, follow these steps:

1. At a command prompt, type the following command, and then press ENTER:
   cd drive:\inetpub\adminscripts
   Note In this command to change folders, drive is a placeholder for the hard disk where IIS is installed.
2. At a command prompt, type the following command, and then press ENTER:
   cscript adsutil.vbs set w3svc/ASPMaxRequestEntityAllowed size
   Note In this command, size is a placeholder for the largest file size upload that you want to allow. The maximum value is 1,073,741,824 bytes. Set this value to the lowest possible value that allows for the functionality that you want.
3. At a command prompt, type the following command, and then press ENTER:
   iisreset

The AspMaxRequestEntityAllowed property specifies the maximum number of bytes that are permitted in the entity body of an ASP request. If a Content-Length header is present and if the Content-Length header specifies an amount of data that is larger than the value of the AspMaxRequestEntityAllowed property, IIS returns a 403 error response. The AspMaxRequestEntityAllowed property applies only to PUT requests and to POST requests. The AspMaxRequestEntityAllowed property does not apply to GET requests. Because this metabase property applies only to ASP, other Internet Server API (ISAPI) extensions are not affected.

The AspMaxRequestEntityAllowed property is related in function to the MaxRequestEntityAllowed property. However, the AspMaxRequestEntityAllowed property is specific to ASP requests. You can set the MaxRequestEntityAllowed property to 1 megabyte (MB) at the World Wide Web Publishing Service (WWW Service) level. Then, you can set the AspMaxRequestEntityAllowed property to a smaller value if you know that your specific ASP applications handle a smaller amount of data.

For more information about how to obtain the October 2002 cumulative update for IIS, click the following article number to view the article in the Microsoft Knowledge Base: For more information about how to obtain the May 2003 cumulative update for IIS, click the following article number to view the article in the Microsoft Knowledge Base: