SharePoint Applied: Large Files in SharePoint 2010
When a team at Microsoft first conceived of SharePoint, the product team decided that the content database was the best place to store file uploads in SharePoint. Before you pull out daggers, consider that there were many advantages to this choice. You can never have a virus corrupting the server in an upload that goes into the database. No filename issues. Transaction support. Easy backups, etc. Also, believe it or not, for a certain file size (smaller the better), databases can actually offer better performance than traditional file systems for storage. In addition, the product team decided to rely heavily on GUIDs and clustered indexes inside the content database - again, a choice with positives and negatives.
Fast forward ten years, technology has changed. Databases are now much more capable of handling binaries, but on the other hand, one picture from an average smartphone is about 8 megabytes now, so documents are also much larger in size.
It is thus not a surprise that there is an increasing pressure on SharePoint to handle large file sizes. In this article, I will attempt to separate marketing and reality, and offer you, the IT professional, a true picture of what you need to do to plan for large files in SharePoint.
Out of the box in a plain vanilla SharePoint installation, the file size is set on a per web application level to 50MB. You can verify this by going to Manage Web Applications in Central Administration, select the Web Application, choose General Settings\General Settings and verifying your settings as shown in Figure 1.
Figure 1: Setting the maximum upload size per web application.
You can change this limit to a maximum of 2GB; however, I wish it was as simple as putting a new value into this textbox. The reality is, large file uploads require you to consider numerous items at all links in the chain.
Web Server Considerations
The ability to upload large files doesn’t come without penalties. By default there are two limits to consider: a limit on the maximum request length and a limit on the execution time out.
- The default size in ASPNET is 4MB because every single upload runs as an HTTP POST request, and occupies server memory, and a server thread, thereby heavily reducing the server’s capacity to support multiple users concurrently.
- There is also a limit on the maximum execution time out to avoid slow denial of service attacks where a hacker can start a spurious upload, and upload, really really really slowly. To avoid that issue, most web applications have a default execution timeout. In order to support larger uploads, you need to change this to a higher value as well. Unfortunately, this change makes your server more vulnerable to such attacks.
You can fix both of these by tweaking the web.config of your web application. You can add the system.web\httpRuntime\@maxRequestLength attribute. Note that SharePoint already sets this value to a pretty high value by default for IIS at the system.webserver\security\requestFiltering\requestLimits\@maxAllowedContentLength attribute. If you are using SharePoint for an Internet facing site, perhaps you want to tweak this lower. One additional thing you will probably have to set at the IIS level, however, is the connection timeout on the website. You can access this by going to advanced settings of the website and changing the connection timeout.
By: Sahil Malik
Sahil Malik is a Microsoft MVP, INETA speaker, a .NET author, consultant, and trainer, and a well-rounded overweight geek. He has a passion for SharePoint, data access, and application architecture.
Sahil loves interacting with fellow geeks in real time. His talks are full of humor and practical nuggets. His talks tend to get very highly charged, fast moving, and highly interactive.
You should check out his blog at http://blah.winsmarts.com