Someone keeps uploading .ico files to my wordpress sites. I'd like to know if their is a way to block certain file types from being uploaded int eh NGINX config?
Asked
Active
Viewed 306 times
0
-
4If someone is uploading files to your site without them having access, your server is compromised. Then you need to act according to https://serverfault.com/questions/218005/how-do-i-deal-with-a-compromised-server – Tero Kilkanen Jan 16 '21 at 19:58
-
I want them to upload files just not ico's – fskilroy Jan 17 '21 at 20:26
-
1If you want to limit uploadable file types, you need to look into WordPress settings / plugins. – Tero Kilkanen Jan 18 '21 at 19:52
1 Answers
-1
Just in case someone comes across this and wants a solution. I don't think you can block just one file type in nginx but what you can do it all only certain file types in. To do so just add
location ~ .(htm|css|jpg|gif|mp3)$ { allow all; }
to your NGINX config.
fskilroy
- 1
-
There is no guarantee the path being used to upload files needs to contain such extensions. Think of paths like `/upload.php?folder=image&return=True` – anx Jan 19 '21 at 22:19