I have a requirements that the admin panel of Umbraco needs to be able to upload large files of videos such as a 2gb, 4gb.. I heard that .Net has a limit of 4gb or 2gb of upload (correct me if I'm wrong). So basically I already changed the maxAllowedContentLength such as below
<!-- Max file size limitation -->
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="4257286400" />
</requestFiltering>
</security>
and because there are limits to the duration and upload size I also adjusted the execution time
<httpRuntime maxRequestLength="4257286400" executionTimeout="9999999" requestValidationMode="2.0" enableVersionHeader="false" targetFramework="4.5" />
Now the problem is when I try to upload a 1gb of file the page just keeps on loading and nothing happens when I try to turn on debug logs I can see that it's being canceled due to large files. Now I don't know how to solve this as I really need for the user to be able to upload large files.
The option of uploading the file to a different site like youtube or vimeo is not an option. I really need to upload it to the site directly. Is there a way to achieve this in Umbraco?
Note: I already used some package available but none work like
Import Media - Already installed this but I don't know how it works. Like there are no new feature on the admin panel so I don't know what to look for here
Would really appreaciate some help here. I just want to be able to upload large files in Umbraco
Just to summarize this:
How to upload Large file in Umbraco Backend-Office because my settings is not allowing me to do so. Minimum filesize is 2gb
How to use Import Media Package if anyone have a chance to use this
Looks like the issue is caused by different dimensions for values in attributes:
1) "maxAllowedContentLength" specifies the maximum length of content in a request, in bytes (uint): https://learn.microsoft.com/en-us/iis/configuration/system.webserver/security/requestfiltering/requestlimits/
2) "maxRequestLength" sets the maximum request size in kilobytes(Int32):
https://learn.microsoft.com/en-us/dotnet/api/system.web.configuration.httpruntimesection.maxrequestlength?view=netframework-4.8
What kind of error message are you getting about uploads "being canceled due to large files"?
AFAIK Umbraco doesn't have these kinds of limits by itself, it's all managed by IIS via the settings you've already found.
However I do seem to recall something about machine.config that might also set some of these properties and thus trump your local website settings. So that's something to check if you have access to that file (it'll be somewhere like C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config). Otherwise you might want to contact some hosting administrator/support and ask if there's a global limit set.
Related
I have an Umbraco (v6.1.6) website, hosted on Azure Hosted (Website & DB).
Recently the client reported, that some images have disappeared from the website!
Looking at the CMS back office, the content nodes are referencing media items, but 'some' of those items are no longer present in the media section! The media files are however present on the web server in the /media folder as expected!
Now, this should be running as a single instance site, but looks like the site was run in with multiple(3) instances for a while, such as when the missing images were loaded.
[All the unaffected media has lower id’s (<10000) while the missing items in the media section have higher ids (20000’s or 50000’s)]
The site is now back to running one instance.
Q. Is there a way I can re-generate the items in the Umbraco Media section, based on the media actually present in the /Media folder?
What you need to do depends a lot on the state of your site and what has been going on while it was running in 3 instances... and what you want the outcome to be!
Metadata for media in umbraco is stored in the database and the actual files are stored on disk. If your site has been running in 3 instances using the same database but different file locations on disk, you should actually be seeing that the media items exist in the database even though the files might be scattered in the 3 instances on the file system.
It however sounds like you're saying that the files all do exist on disk, but the media items not all exist in the database. Can you confirm this (as it sounds really strange unless you have been running 3 different databases also).
All in all, everything here sounds really strange since running 3 instances should also require you to have had this running and accessed by the editors uploading the files, using 3 different hostnames?
No matter what I don't think theres a simple solution to your problem. There's no way to have umbraco "reindex" the media folder based on the files there. What I have done for broken media libraries (usually self inflicted breakage, that is) is to load up all existing media items in memory and then loop through the file system to see what is missing from the library and recreate those media items and upload the files to them. Do remember to log which files you are recreating as media items so you can do a file system delete of the orphaned files after they have been processed.
If you can shed a bit more light on the issue, I will see if I can come up with a better solution for you.
Am using JSF and primefaces to develop web application.I want to open existing files on client machines using dialog box which prompts the user to select a path and the corresponding file. Please suggest a component which can be used.
While I doubt the feasibility of your intentions; accessing content directly on a client's machine (some security implications there), a combination of <p:media/> and <p:lightBox/> will work for you. There are file type restrictions imposed by primefaces though (multimedia files and pdf only) The <p:media/> can be embedded in the <p:lightBox/> like so :
<p:lightBox>
<p:media value="{yourBean.filePath}" width="100%" height="300px">
</p:lightBox>
Like I said, I doubt the feasibility of directly streaming content from a client's local filesystem. How do you intend to use the path c:\Users\john doe\my documents\my books\book.pdf on a user's local system within your own web application, without first uploading the file to your own webserver? With image files, you might have some success loading the file into memory and streaming the file directly from RAM using <p:dynaImage/>...consider the scalability of this option too for a high traffic application
I remember back in Plone 2 days I found a simple hack to make one CMFPhoto folder receive webdav files as images (and show them as a gallery).
In Plone4 the images are received as content type files which are not very useful.
Other mass uploading options seem not to be updated to recent versions of Zope/Plone, except uploadify, which makes my server unable to start when installed with buildout.
Functioning webdav would be ideal
Thanks for any ideas, although I can't say I have understood the framework enough to use just a hint
Steen
The short answer is that you need to take a look in the Content Type Registry tool within your site and figure out the settings related to the image (png, jpg) extensions and mime-type that are configured for your site. Visit the Zope Management Interface of your site, and go to ./content_type_registry in he root of your site to take a look.
The more complicated answer is that folders in Plone have a method called PUT_factory() that controls what items get created as. Different folder types can behave differently, but all stock folder types in Plone and most add-ons should obey (unless a bug) the settings in the Content Type Registry.
Im trying to wrap my head around Cloudfront. We notice some video sites don't allow us to download the video. I.e. there is no physical link to the file. Or at least, I am not able to locate it in the flash player's source code using Firebug.
On some sites, a typical block of code could look like the following:
<object width="496" height="24" type="application/x-shockwave-flash" id="media_player" name="media_player" data="/flash/jwplayer/player.swf" ....>
<param name="flashvars" value="file=http://some_bucket_name.s3.amazonaws.com/uploads/users/1/foo.mp3&title=Test&author=Foobar&plugins=&autostart=true&controlbar=bottom&repeat=none&screencolor=000000">
</object>
Above, you notice, from the html source code, that the file can be 'cleverly' downloaded through the physical link: http://some_bucket_name.s3.amazonaws.com/uploads/users/1/foo.mp3.
I understand what a CDN is. A good explanation can be found here.
If we use Cloudfront, will this disallow end-users from 'cleverly' downloading media files directly from our app since the files will be streamed?
As Wukerplank suggested: "You can make it difficult, but you can't make it impossible."
Actually, the only thing CloudFront would do is not make S3 / EC2 requests. It's not designed for adding security, but caching and speed. Here's something that should make it harder to download the contents of the link: How do I prevent hotlinking on Amazon S3 without using signed URLs? (checking for a correct referrer).
Using rtmpe adds another layer of protection. Most download apps have difficulties with it, but as Wukerplank says, nothing is bullet proof.
I have a website that shows galleries. Users can upload their own content from the web (by entering a URL) or by uploading a picture from their computer.
I am storing the URL in the database which works fine for the first use case but I need to figure out where to store the actual images if a user does a upload from their computer.
Is there any recommendation here or best practice on where I should store these?
Should I save them in the appdata or content folders? Should they not be stored with the website at all because it's user content?
You should NOT store the user uploads anywhere they can be directly accessed by a known URL within your site structure. This is a security risk as users could upload .htm file and .js files. Even a file with the correct extension can contain malicious code that can be executed in the context of your site by an authenticated user allowing server-side or client-side attacks.
See for example http://www.acunetix.com/websitesecurity/upload-forms-threat.htm and What security issues appear when users can upload their own files? which mention some of the issues you need to be aware of before you allow users to upload files and then present them for download within your site.
Don't put the files within your normal web site directory structure
Don't use the original file name the user gave you. You can add a content disposition header with the original file name so they can download it again as the same file name but the path and file name on the server shouldn't be something the user can influence.
Don't trust image files - resize them and offer only the resized version for subsequent download
Don't trust mime types or file extensions, open the file and manipulate it to make sure it's what it claims to be.
Limit the upload size and time.
Depending on the resources you have to implement something like this, it is extremely beneficial to store all this stuff in Amazon S3.
Once you get the upload you simply push it over to Amazon and pop the URL in your database as you're doing with the other images. As mentioned above it would probably be wise to open up the image and resize it before sending it over. This both checks it is actually an image and makes sure you don't accidentally present a full camera resolution image to an end user.
Doing this now will make it much, much easier if you ever have to migrate/failover your site and don't want to sync gigabytes of image assets.
One way is to store the image in a database table with a varbinary field.
Another way would be to store the image in the App_Data folder, and create a subfolder for each user (~/App_Data/[userid]/myImage.png).
For both approaches you'd need to create a separate action method that makes it possible to access the images.
While uploading images you need to verify the content of the file before uploading it. The file extension method is not trustable.
Use magic number method to verify the file content which will be an easy way.
See the stackoverflow post and see the list of magic numbers
One way of saving the file is converting it to binary format and save in our database and next method is using App_Data folder.
The storage option is based on your requirement. See this post also
Set upload limit by setting maxRequestLength property to Web.Config like this, where the size of file is specified in KB
<httpRuntime maxRequestLength="51200" executionTimeout="3600" />
You can save your trusted data just in parallel of htdocs/www folder so that any user can not access that folder. Also you can add .htaccess authentication on your trusted data (for .htaccess you should kept your .htpasswd file in parallel of htdocs/www folder) if you are using apache.