diff --git a/config/config.sample.php b/config/config.sample.php
index 94b8a5d0552..4330b0cda60 100644
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -289,6 +289,11 @@ $CONFIG = [
  */
 'session_lifetime' => 60 * 60 * 24,
 
+/**
+ * The timeout for requests to remote servers (e.g., needed for federated shares).
+ */
+'remote_curl_timeout' => 30,
+
 /**
  * `true` enabled a relaxed session timeout, where the session timeout would no longer be
  * handled by Nextcloud but by either the PHP garbage collection or the expiration of
diff --git a/lib/private/Files/Storage/DAV.php b/lib/private/Files/Storage/DAV.php
index 733aa10cde6..366ab4dda14 100644
--- a/lib/private/Files/Storage/DAV.php
+++ b/lib/private/Files/Storage/DAV.php
@@ -373,7 +373,9 @@ class DAV extends Common {
 						->newClient()
 						->get($this->createBaseUri() . $this->encodePath($path), [
 							'auth' => [$this->user, $this->password],
-							'stream' => true
+							'stream' => true,
+							// set download timeout for users with slow connections or large files
+							'timeout' => \OC::$server->getConfig()->getSystemValueInt('remote_curl_timeout', 30)
 						]);
 				} catch (\GuzzleHttp\Exception\ClientException $e) {
 					if ($e->getResponse() instanceof ResponseInterface
@@ -530,7 +532,9 @@ class DAV extends Common {
 			->newClient()
 			->put($this->createBaseUri() . $this->encodePath($target), [
 				'body' => $source,
-				'auth' => [$this->user, $this->password]
+				'auth' => [$this->user, $this->password],
+				// set upload timeout for users with slow connections or large files
+				'timeout' => \OC::$server->getConfig()->getSystemValueInt('remote_curl_timeout', 30)
 			]);
 
 		$this->removeCachedFile($target);