Prevent malicuios file insert in attachment by changing extension

  • Resolved Enrico Piras

    (@enricopiras)


    2 years, 8 months ago

    Hello!

    I need to prevent the upload of of malicious files inthe cf7 attachment. I’ve placed in the attachment shortcode the file tipe attribute like this:
    [file attachment filetypes:pdf]
    Everything is fine so the users can upload only files with the .pdf extension but I’ve tried to change the extension to an .exe to .pdf and they are accepted from the attachement field in the form.
    There is a method to prevent this problem?

    Thank you.

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Prevent malicuios file insert in attachment by changing extension’ is closed to new replies.