maxRequestLength attribute sets the limit for the input
stream buffering threshold in KB. Attackers can use large requests to cause
The recommended value is 4096 KB but you should try setting it as small as possible according to business requirements.
The following example shows the
attribute set to a high value (255 MB) in a
file for ASP.NET:
Unless such a high value is strictly needed, it is better to set the recommended value (4096 KB):