diff --git a/backend/server/src/index.ts b/backend/server/src/index.ts
index 9b7bf69..ce6b919 100644
--- a/backend/server/src/index.ts
+++ b/backend/server/src/index.ts
@@ -17,6 +17,7 @@ import {
 } from "./utils"
 import { IDisposable, IPty, spawn } from "node-pty"
 import {
+  MAX_BODY_SIZE,
   createFileRL,
   deleteFileRL,
   renameFileRL,
@@ -116,6 +117,14 @@ io.on("connection", async (socket) => {
     try {
       await saveFileRL.consume(data.userId, 1)
 
+      if (Buffer.byteLength(body, "utf-8") > MAX_BODY_SIZE) {
+        socket.emit(
+          "rateLimit",
+          "Rate limited: file size too large. Please reduce the file size."
+        )
+        return
+      }
+
       const file = sandboxFiles.fileData.find((f) => f.id === fileId)
       if (!file) return
       file.data = body
diff --git a/backend/server/src/ratelimit.ts b/backend/server/src/ratelimit.ts
index 7fadd34..8b99ef7 100644
--- a/backend/server/src/ratelimit.ts
+++ b/backend/server/src/ratelimit.ts
@@ -5,6 +5,8 @@ export const saveFileRL = new RateLimiterMemory({
   duration: 1,
 })
 
+export const MAX_BODY_SIZE = 5 * 1024 * 1024
+
 export const createFileRL = new RateLimiterMemory({
   points: 3,
   duration: 1,