Lord of the Files: Enhanced Upload Security
WordPress relies mostly on name-based validation when deciding whether or not to allow a particular file, leaving the door open for various kinds of attacks.
Lord of the Files adds to this content-based validation and sanitizing, making sure that files are what they say they are and safe for inclusion on your site.
The main features include:
- Robust real filetype detection;
- Full MIME alias mapping;
- SVG sanitization (if SVG uploads have been independently allowed);
- File upload validation debugger;
- Fixes issues related to #40175 that have been present since WordPress
4.7.1. - Fixes ambiguous media extensions #40921
Requirements
- WordPress 5.2 or later.
- PHP 7.3 or later.
domPHP extension.fileinfoPHP extension.mbstringPHP extension.xmlPHP extension.
Please note: it is not safe to run WordPress atop a version of PHP that has reached its End of Life. Future releases of this plugin might, out of necessity, drop support for old, unmaintained versions of PHP. To ensure you continue to receive plugin updates, bug fixes, and new features, just make sure PHP is kept up-to-date.
Download & install the zip archive
The plugin package installer can be downloaded from the WP2E project tab called “code”.
1 – Select the version to download if this option is available otherwise the “latest” version of the main plugin will be used.
2 – After downloading the zip archive install the plugin package installer in you local environment and activate the script from the plugin list.
3 – Under the section “Plugins” of the admin dashboard you should see a new “Dependencies & Licenses” link. Follow the instructions from this panel to finalize the installation of the missing dependencies.
-
- Give a name to your project
-
- Download the Installer Package
-
- Install & activate the plugin locally
-
- Install the suggested dependencies
Tips: Use the WP2E panel to add/suggest new dependencies to the local installation. Press F5 in the list of dependencies if the changes are not displayed right away.