Support » Fixing WordPress » Security of contributor uploads

  • Resolved johnhewitt1

    (@johnhewitt1)


    Hello all,

    I am allowing subscribers to post articles via a members only page using TDO mini forms. I am allowing them to upload an image to the content body and an image for their author resource box. I have limited the size to 50KB and extensions to .jpg .gif .png. I also have to approve images before they go live.

    Now I know file extensions can be used to mask code etc. and was wondering how secure this will be or is it it putting the website at risk? Is there a way of filtering so that only true image files will get through?

    Many thanks

  • The topic ‘Security of contributor uploads’ is closed to new replies.