diff --git a/Server.go b/Server.go
index eaa02d8..c367854 100644
--- a/Server.go
+++ b/Server.go
@@ -22,6 +22,7 @@ var SERVER_HEADER string = `contented/0.0.0-dev`
 
 const (
 	DEFAULT_MAX_CONCURRENT_THUMBS = 16
+	DEFAULT_MAX_THUMBSIZE         = 20 * 1024 * 1024 // 20 MiB
 
 	ALBUM_MIMETYPE = `contented/album`
 
@@ -42,6 +43,7 @@ type ServerOptions struct {
 	EnableHomepage         bool
 	EnableUpload           bool
 	MaxConcurrentThumbs    int
+	MaxThumbSizeBytes      int64
 	ServerPublicProperties
 }
 
@@ -74,6 +76,11 @@ func NewServer(opts *ServerOptions) (*Server, error) {
 		log.Printf("Allowing %d concurrent thumbnails", s.opts.MaxConcurrentThumbs)
 	}
 
+	if s.opts.MaxThumbSizeBytes <= 0 {
+		s.opts.MaxThumbSizeBytes = DEFAULT_MAX_THUMBSIZE
+		log.Printf("Allowing thumbnails for files up to %d byte(s)", s.opts.MaxThumbSizeBytes)
+	}
+
 	s.staticDir, _ = fs.Sub(staticAssets, `static`) // can't fail
 
 	// "fill" the thumbnailer semaphore
diff --git a/thumb.go b/thumb.go
index a6d0beb..fcb20e9 100644
--- a/thumb.go
+++ b/thumb.go
@@ -94,6 +94,10 @@ func (this *Server) handleThumbInternal(ctx context.Context, w http.ResponseWrit
 		return err
 	}
 
+	if m.FileSize > this.opts.MaxThumbSizeBytes {
+		return errors.New("Don't want to thumbnail very large files, sorry")
+	}
+
 	filePath := filepath.Join(this.opts.DataDirectory, m.FileHash)
 	thumb, err := t.RenderFileAs(filePath, m.MimeType)
 	if err != nil {