diff --git a/.github/workflows/frontend-admin-tests.yml b/.github/workflows/frontend-admin-tests.yml
index 7123e22fc..f31f442f8 100644
--- a/.github/workflows/frontend-admin-tests.yml
+++ b/.github/workflows/frontend-admin-tests.yml
@@ -64,9 +64,6 @@ jobs:
       -
         name: Write custom settings.json that enables the Admin UI tests
         run: "sed -i 's/\"enableAdminUITests\": false/\"enableAdminUITests\": true,\\n\"users\":{\"admin\":{\"password\":\"changeme1\",\"is_admin\":true}}/' settings.json"
-      -
-        name: increase maxHttpBufferSize
-        run: "sed -i 's/\"maxHttpBufferSize\": 50000/\"maxHttpBufferSize\": 10000000/' settings.json"
       -
         name: Disable import/export rate limiting
         run: |
diff --git a/settings.json.docker b/settings.json.docker
index 1dabcdc0c..a265a9235 100644
--- a/settings.json.docker
+++ b/settings.json.docker
@@ -574,13 +574,17 @@
 
   "socketIo": {
     /*
-     * Maximum permitted client message size (in bytes). All messages from
-     * clients that are larger than this will be rejected. Large values make it
-     * possible to paste large amounts of text, and plugins may require a larger
-     * value to work properly, but increasing the value increases susceptibility
-     * to denial of service attacks (malicious clients can exhaust memory).
+     * Maximum permitted client message size (in bytes). This controls the
+     * maximum single-message size for socket.io and directly affects large
+     * paste operations. All messages from clients that are larger than this
+     * will be rejected. Large values make it possible to paste large amounts
+     * of text, and plugins may require a larger value to work properly, but
+     * increasing the value increases susceptibility to denial of service
+     * attacks (malicious clients can exhaust memory).
+     *
+     * 1MB accommodates large pastes while still preventing abuse.
      */
-    "maxHttpBufferSize": "${SOCKETIO_MAX_HTTP_BUFFER_SIZE:50000}"
+    "maxHttpBufferSize": "${SOCKETIO_MAX_HTTP_BUFFER_SIZE:1000000}"
   },
 
   /*
diff --git a/settings.json.template b/settings.json.template
index 4d68a10db..9f0bc55a0 100644
--- a/settings.json.template
+++ b/settings.json.template
@@ -573,13 +573,17 @@
 
   "socketIo": {
     /*
-     * Maximum permitted client message size (in bytes). All messages from
-     * clients that are larger than this will be rejected. Large values make it
-     * possible to paste large amounts of text, and plugins may require a larger
-     * value to work properly, but increasing the value increases susceptibility
-     * to denial of service attacks (malicious clients can exhaust memory).
+     * Maximum permitted client message size (in bytes). This controls the
+     * maximum single-message size for socket.io and directly affects large
+     * paste operations. All messages from clients that are larger than this
+     * will be rejected. Large values make it possible to paste large amounts
+     * of text, and plugins may require a larger value to work properly, but
+     * increasing the value increases susceptibility to denial of service
+     * attacks (malicious clients can exhaust memory).
+     *
+     * 1MB accommodates large pastes while still preventing abuse.
      */
-    "maxHttpBufferSize": 50000
+    "maxHttpBufferSize": 1000000
   },
 
   /*
diff --git a/src/node/utils/Settings.ts b/src/node/utils/Settings.ts
index efefff9e6..69b6f5951 100644
--- a/src/node/utils/Settings.ts
+++ b/src/node/utils/Settings.ts
@@ -366,7 +366,7 @@ const settings: SettingsType = {
      * properly, but increasing the value increases susceptibility to denial of service attacks
      * (malicious clients can exhaust memory).
      */
-    maxHttpBufferSize: 50000,
+    maxHttpBufferSize: 1000000,
   },
   /*
   The authentication method used by the server.
diff --git a/src/tests/backend/specs/largePaste.ts b/src/tests/backend/specs/largePaste.ts
new file mode 100644
index 000000000..d77adc1b9
--- /dev/null
+++ b/src/tests/backend/specs/largePaste.ts
@@ -0,0 +1,52 @@
+'use strict';
+
+const assert = require('assert').strict;
+const common = require('../common');
+
+let agent: any;
+let apiVersion = 1;
+
+describe(__filename, function () {
+  before(async function () {
+    agent = await common.init();
+    const res = await agent.get('/api/')
+        .expect(200)
+        .expect('Content-Type', /json/);
+    apiVersion = res.body.currentVersion;
+    assert(apiVersion);
+  });
+
+  it('can set and retrieve 50,000 characters of text on a pad', async function () {
+    this.timeout(30000);
+    const padId = `largePasteTest${Date.now()}`;
+    const largeText = 'A'.repeat(50000);
+
+    // Create the pad
+    let res = await agent.get(`/api/${apiVersion}/createPad?padID=${padId}`)
+        .set('Authorization', (await common.generateJWTToken()))
+        .expect(200)
+        .expect('Content-Type', /json/);
+    assert.equal(res.body.code, 0);
+
+    // Set large text
+    res = await agent.post(`/api/${apiVersion}/setText`)
+        .set('Authorization', (await common.generateJWTToken()))
+        .send({padID: padId, text: largeText})
+        .expect(200)
+        .expect('Content-Type', /json/);
+    assert.equal(res.body.code, 0);
+
+    // Retrieve and verify
+    res = await agent.get(`/api/${apiVersion}/getText?padID=${padId}`)
+        .set('Authorization', (await common.generateJWTToken()))
+        .expect(200)
+        .expect('Content-Type', /json/);
+    assert.equal(res.body.code, 0);
+    assert.equal(res.body.data.text, largeText + '\n');
+
+    // Clean up
+    await agent.get(`/api/${apiVersion}/deletePad?padID=${padId}`)
+        .set('Authorization', (await common.generateJWTToken()))
+        .expect(200);
+  });
+});