Last Revised: October 2, 2021
When we talk about uploading multimedia elements through the administration panel we usually refer to images, documents and known files.
- Audio: M4A, MP3, OGG, WAV.
- Documents: DOC/DOCX, ODT, PDF, PPT/PPTX/PPS/PPSX, PSD, XLS/XLSX
- Images: GIF, ICO, JPG/JPEG, PNG.
- Video: 3GP/3G2, AVI, MOV, MP4/M4V, MPG, OGV, WMV.
This proposal actually goes against security, since what it allows is the opposite, that the administrators of the site can upload any type of file through the panel; however, for certain needs, you may need to activate it in the configuration file [wp-config.php]:
define('ALLOW_UNFILTERED_UPLOADS', true);Another option is to add extensions through the retouching of existing MIME Types, being able to add or remove the desired ones. To do this we can add in the [functions.php] file or by creating a specific plugin:
function wpdanger_mime_type( $mime_types ) {
$mime_types['json'] = 'application/json'; // Añadir JSON
$mime_types['svg'] = 'image/svg+xml'; // Añadir SVG
unset( $mime_types['gif'] ); // Eliminar .GIF
return $mime_types;
}
add_filter( 'upload_mimes', 'wpdanger_mime_type', 1, 1 );Seguir con Seguridad para WordPress
Actual
- wp-config.php
- Security Keys
- Cookies
- Cabeceras inconvenientes
- Unificar CSS y JavaScript
- Ocultar la versión de WordPress
- Caché
- Carpetas por defecto
- Post instalación
- Edición de ficheros
- URL del sitio
- Servidores externos
- XML-RPC
- Acceso a wp-admin
- Actualizaciones automáticas
- Usuarios
- Limpieza de multimedia
- robots.txt
- Plantilla por defecto
- Emoji
- Subir ficheros sin filtro
About this document
This document is regulated by the EUPL v1.2 license, published in WP SysAdmin and created by Javier Casares. Please, if you use this content in your website, your presentation or any material you distribute, remember to mention this site or its author, and having to put the material you create under EUPL license.