Recently, I've noticed that my website is getting hit by a crawler, which takes a very long time to open the pages. I never thought about it before but realized now that my MVC3 application never times out. For example, if I put in a Thread.Sleep(1000 * 60 * 10) (ten minutes) in my controller action and I open the page, after 10 minutes I will get rendered view.
I've read tons of articles and SO questions but no luck. I tried the solutions below on both localhost, and production server with "Release" built, but none of those did what I wanted it to do.
Solution 1:
In web.config:
<location path="ControllerName/ActionName">
<system.web>
<httpRuntime executionTimeout="1" />
</system.web>
</location>
Solution 2:
In the controller action
HttpContext.Server.ScriptTimeout = 1;
The only idea I had left was to calculate the time that elapsed since the request came in and compare it to current time and if it's bigger than my timeout limit, throw and TimeoutException() manually. I planned to put it in "OnActionExecution" and "OnActionExecuted" but if the request gets stuck somewhere in between those, I will never be able to tell if I should time it out.
Is there a good solution to implement this? Did anyone ever get request timeout to work in MVC3?
I don't think the timeout is a real problem here. I have a very strong suspicion that your site is hitting session locking issue, which is typical when being hammered by lots of simultaneous requests from the same source. Make sure you disable or mark session as readonly by default and only enable it on the actions where session is modified (like login controller for instance). See SessionStateAttribute for details.
Good answer here:
IIS Request Timeout on long ASP.NET operation
If you've already done this but are finding that your session is expiring then increase the ASP.NET HttpSessionState.Timeout value:
For example:
// Increase session timout to thirty minutes
Session.Timout = 30;
This value can also be configured in your web.config file in the sessionState configuration element:
<configuration>
<system.web>
<sessionState
mode="InProc"
cookieless="true"
timeout="30" />
</system.web>
</configuration>
A client of ours is using an asp.net web service (asmx) I created and is getting an error saying the maxItemsInObjectGraph is too small. I told him to make the necessary changes in his app.config file. But where do I have to make these changes on my side?? The web.config file in my web service doesn't mention maxItemsInObjectGraph.
Thanks a lot.
Because it has a default value which is used when it's not in your config. You'll have to either add it to your web.config or to your code as shown here, here, here or here.
EDIT: For ASMX there isn't a setting for maxItemsInObjectGraph, setting the maximum request length might help though.
<location path="yourservice.asmx">
<system.web>
<httpRuntime executionTimeout="240" maxRequestLength="20480" />
</system.web>
</location>
Other properties for the httpRuntime on MSDN
I am running an ASP.NET 2.0 application in IIS 6.0. I want session timeout to be 60 minutes rather than the default 20 minutes. I have done the following
Set <sessionState timeout="60"></sessionState>
in web.config.
Set session timeout to 60 minutes in IIS manager/Web site properties/ASP.NET configuration settings.
Set idle timeout to 60 minutes in application pool properties/performance.
I am still getting a session timeout at 20 minutes. Is there anything else I need to do?
Are you using Forms authentication?
Forms authentication uses it own value for timeout (30 min. by default). A forms authentication timeout will send the user to the login page with the session still active. This may look like the behavior your app gives when session times out making it easy to confuse one with the other.
<system.web>
<authentication mode="Forms">
<forms timeout="50"/>
</authentication>
<sessionState timeout="60" />
</system.web>
Setting the forms timeout to something less than the session timeout can give the user a window in which to log back in without losing any session data.
I don't know about web.config or IIS.
But I believe that from C# code you can do it like
Session.Timeout = 60; // 60 is number of minutes
Use the following code block in your web.config file.
Here default session time out is 80 mins.
<system.web>
<sessionState mode="InProc" cookieless="false" timeout="80" />
</system.web>
Use the following link for Session Timeout with popup alert message.
Session Timeout Example
FYI:The above examples is done with devexpress popup control so you need to customize/replace devexpress popup control with normal popup control. If your using devexpress no need to customize
In my situation, it was Application Pool. It is set to restart when idle for xx mins. When I set it to not restart, it seems to use value from Web Config.
Do you have anything in machine.config that might be taking effect? Setting the session timeout in web.config should override any settings in IIS or machine.config, however, if you have a web.config file somewhere in a subfolder in your application, that setting will override the one in the root of your application.
Also, if I remember correctly, the timeout in IIS only affects .asp pages, not .aspx. Are you sure your session code in web.config is correct? It should look something like:
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
stateNetworkTimeout="60"
sqlConnectionString="data source=127.0.0.1;Integrated Security=SSPI"
cookieless="false"
timeout="60"
/>
That is usually all that you need to do...
Are you sure that after 20 minutes, the reason that the session is being lost is from being idle though...
There are many reasons as to why the session might be cleared. You can enable event logging for IIS and can then use the event viewer to see reasons why the session was cleared...you might find that it is for other reasons perhaps?
You can also read the documentation for event messages and the associated table of events.
https://usefulaspandcsharp.wordpress.com/tag/session-timeout/
<authentication mode="Forms">
<forms loginUrl="Login.aspx" name=".ASPXFORMSAUTH" timeout="60" slidingExpiration="true" />
</authentication>
<sessionState mode="InProc" timeout="60" />
If you are using Authentication, I recommend adding the following in web.config file.
In my case, users are redirected to the login page upon timing out:
<authentication mode="Forms">
<forms defaultUrl="Login.aspx" timeout="120"/>
</authentication>
Since ASP.Net core 1.0 (vNext or whatever name is used for it) sessions are implemented differently.
I changed the session timeout value in Startup.cs, void ConfigureServices using:
services.AddSession(options => options.IdleTimeout = TimeSpan.FromSeconds(42));
Or if you want to use the appsettings.json file, you can do something like:
// Appsettings.json
"SessionOptions": {
"IdleTimeout": "00:30:00"
}
// Startup.cs
services.AddSession(options => options.IdleTimeout = TimeSpan.Parse(Config.GetSection("SessionOptions")["IdleTimeout"]));
You can find the setting here in IIS:
It can be found at the server level, web site level, or app level under "ASP".
I think you can set it at the web.config level here. Please confirm this for yourself.
<configuration>
<system.web>
<!-- Session Timeout in Minutes (Also in Global.asax) -->
<sessionState timeout="1440"/>
</system.web>
</configuration>
The default session timeout is defined into IIS to 20 minutes
Follow the procedures below for each site hosted on the IIS 8.5 web
Open the IIS 8.5 Manager.
Click the site name.
Select "Configuration Editor" under the "Management" section.
From the "Section:" drop-down list at the top of the configuration
editor, locate "system.web/sessionState".
Set the "timeout" to "00:20:00 or less”, using the lowest value
possible depending upon the application. Acceptable values are 5
minutes for high-value applications, 10 minutes for medium-value
applications, and 20 minutes for low-value applications.
In the "Actions" pane, click "Apply".
IIS sessions timeout value is for classic .asp applications only, this is controlled on IIS configuration.
In your case For ASP.NET apps, only the web.config-specified timeout value applies.
if you are want session timeout for website than remove
<authentication mode="Forms">
<forms timeout="50"/>
</authentication>
tag from web.config file.
The Timeout property specifies the time-out period assigned to the Session object for the application, in minutes. If the user does not refresh or request a page within the time-out period, the session ends.
IIS 6.0: The minimum allowed value is 1 minute and the maximum is
1440 minutes.
Session.Timeout = 600;
After changing the session timeout value in IIS, Kindly restart the IIS.
To achieve this go to command prompt. Type IISRESET and press enter.
I currently have an ASP.NET MVC project that has file uploading and it works great if the user has a good enough connection and their file is of a reasonable size.
The problem I'm running into is that sometimes a user might have a 56k connection (how they can live with it in this day and age, I don't know) or are uploading a larger file or some combination of the two.
I'd like to keep a small timeout for normal pages (90 seconds or so), but allow for a larger timeout for actions where a user is uploading. This is just one action, so I don't mind putting code inside just that singular action rather than a generic solution.
Ultimately, a solution that would automatically increase the timeout if Request.Files.Count > 0 would be the best.
I'm not sure if this would work in an MVC project, but you could try creating a location in your web.config and set the execution timeout for just your upload URL. For example:
<location path="YourUrl">
<system.web>
<httpRuntime executionTimeout="9001"/>
</system.web>
</location>
You might need to increase the timeout in web.config:
<httpRuntime executionTimeout="01:00:00" />
Now this is overridable in sub web.config files meaning that if you want to increase the timeout only for the uploading script you could write a generic HTTP handler that will handle the uploads and put it in its own subfolder with its own web.config.
Possible issue: If its not a timeout because of the zero activity, maybe its something to do with the built in size restriction, in the web.config httpRuntime section you could add/increase maxRequestLength="" to your size limit
I'm using asp:fileupload control to upload my Picture files. So the user click on browse and select the file and click on upload and in event handler of upload button there is FileUpload.PostedFile.SaveAs () etc.
Everything works fine. Accept when for big file size. e.g. I've got a file (jpg) 5.5 MB. When I try to upload this file I get an the error below.
The strange thing is I the button upload file eventhandler I check the file size. If (intFileesize < intFileSizeLimit) etc.
But the strange thig is I remove all the code in Upload eventhandler for testing/debugging and I still get the error below. So the error occurs outside the Button handler. I mean
the error cause is not by Fileupload.SAveAs etc.... So the question is how can I avoid this. I mean I have built restriction of 1 mb, but This code is not reached.
I don't have any problems with small sizes e.g. I could upload 400 kb w/o problem.
So the question is what is the cause for the big file size how can I solve this?
Other question is: Is there a tool or whatever to crop the filesize and upload? I mean even if they upload 6 mb picture, I should crop that to 50kb or whatever during upload. How to aproach this? maybe a 3rd party freeware?
ERROR I get after 2-3 seconds
Oops! This page appears broken. HTTP 404 - File not found.
see maxRequestLength in http://msdn.microsoft.com/en-us/library/e1f13641.aspx
The default request size is likely being reached. By default I believe ASP.NET supports a 4MB request size limit. You can change this in your config:
<system.web>
<httpRuntime executionTimeout="240" maxRequestLength="20480" />
</system.web>
The above example changes the request size to 20MB. The thing to take into consideration is that HTTP was never really designed to handle large file uploads. You may want to consider using an alternative, such as a Flash upload control...
UPDATE
For IIS7 you may need to update the configuration in the system.webServer section:
<system.webServer>
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="20480" />
IIS uses the same configuration system as ASP.NET, but because it may not be an ASP.NET handler being called, it has an additional setting for other content requests.
Since you already have maxRequestLength set in the <httpRuntime> tag in web.config, it looks like you are hitting the IIS7 request filter.
Try adding this to your web.config:
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="33554432"/>
</requestFiltering>
</security>
Depending on how your server is set up, you may also need to change the IIS configuration to allow you to set up request filtering at the application level rather than the machine level. Edit %windir%\system32\inetsrv\config\applicationHost.config and change:
<section name="requestFiltering" overrideModeDefault="Deny" />
To:
<section name="requestFiltering" overrideModeDefault="Allow" />