{"id":259611,"date":"2025-11-05T11:08:19","date_gmt":"2025-11-05T11:08:19","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/media-file-limiter\/"},"modified":"2025-11-05T11:12:10","modified_gmt":"2025-11-05T11:12:10","slug":"media-file-limiter","status":"publish","type":"plugin","link":"https:\/\/tah.wordpress.org\/plugins\/media-file-limiter\/","author":23382453,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.0","stable_tag":"1.0","tested":"6.8.5","requires":"6.8","requires_php":"7.4","requires_plugins":null,"header_name":"Media File Limiter","header_author":"Red Fox(team Red Fox)","header_description":"Limits the maximum size of media file uploads and blocks files with dangerous extensions.","assets_banners_color":"","last_updated":"2025-11-05 11:12:10","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/p-fox.jp\/","header_author_uri":"https:\/\/p-fox.jp\/author\/","rating":0,"author_block_rating":0,"active_installs":0,"downloads":187,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.0":{"tag":"1.0","author":"teamredfox","date":"2025-11-05 11:12:10"}},"upgrade_notice":{"1.0":"<p>Initial release. Please configure settings under Settings &gt; Media Limit after activation.<\/p>"},"ratings":[],"assets_icons":[],"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3390346,"resolution":"1","location":"assets","locale":""}},"screenshots":{"1":"<p>Settings page under \u201cMedia Limit\u201d<\/p>","2":"<p>Configure upload size and forbidden extensions.<\/p>","3":"<p>Error message example<\/p>","4":"<p>Clear message displayed when upload fails due to size or extension restrictions.<\/p>"},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[42542,84,3011,600,259],"plugin_category":[50,54],"plugin_contributors":[249109],"plugin_business_model":[],"class_list":["post-259611","plugin","type-plugin","status-publish","hentry","plugin_tags-file-size","plugin_tags-media","plugin_tags-mime","plugin_tags-security","plugin_tags-upload","plugin_category-media","plugin_category-security-and-spam-protection","plugin_contributors-teamredfox","plugin_committers-teamredfox"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/s.w.org\/plugins\/geopattern-icon\/media-file-limiter.svg","icon_2x":false,"generated":true},"screenshots":[{"src":"https:\/\/ps.w.org\/media-file-limiter\/assets\/screenshot-1.png?rev=3390346","caption":"<p>Settings page under \u201cMedia Limit\u201d<\/p>"}],"raw_content":"<!--section=description-->\n<p>Media File Limiter is a lightweight and efficient plugin designed to strengthen your WordPress upload security.<\/p>\n\n<p>It limits the maximum upload file size (in MB) and blocks specific dangerous file extensions (e.g., .exe, .php, .html, .js), preventing malicious or oversized files from being uploaded to your media library.<\/p>\n\n<p>Unlike traditional file validation, this plugin operates at the earliest possible stage of the upload process via the wp_handle_upload_prefilter hook, ensuring that dangerous files are blocked before WordPress processes them.<\/p>\n\n<p>Key Features\nSet a custom maximum upload size (in MB).<\/p>\n\n<p>Define forbidden file extensions (comma-separated).<\/p>\n\n<p>Displays current PHP\/WordPress upload limits for reference.<\/p>\n\n<p>Early-stage security enforcement \u2014 before files reach media processing.<\/p>\n\n<p>Fully translatable and internationalized (media-file-limiter text domain).<\/p>\n\n<p>Compatible with multisite environments.<\/p>\n\n<p>Why This Plugin?\nWordPress allows large files and executable extensions under certain misconfigurations, which can lead to:<\/p>\n\n<p>Server performance degradation.<\/p>\n\n<p>Potential remote code execution (RCE) risks.<\/p>\n\n<p>Media library clutter and upload errors.<\/p>\n\n<p>Media File Limiter addresses these issues with a simple, configurable interface under the WordPress \u201cSettings \u2192 Media Limit\u201d page.<\/p>\n\n<h3>License<\/h3>\n\n<p>This plugin is free software: you can redistribute it and\/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or any later version.<\/p>\n\n<p>This plugin is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.<\/p>\n\n<h3>Additional Notes<\/h3>\n\n<p>The plugin follows WordPress Coding Standards (WPCS).<\/p>\n\n<p>All options use the Settings API (register_setting \/ add_settings_field).<\/p>\n\n<p>Security first: early execution priority (wp_handle_upload_prefilter, priority 1).<\/p>\n\n<p>Uninstall hook (register_uninstall_hook) ensures full cleanup.<\/p>\n\n<!--section=installation-->\n<ol>\n<li><p>Upload the plugin files to the \/wp-content\/plugins\/media-file-limiter\/ directory, or install the plugin via the WordPress plugins screen directly.<\/p><\/li>\n<li><p>Activate the plugin through the \u2018Plugins\u2019 screen in WordPress.<\/p><\/li>\n<li><p>Navigate to Settings \u2192 Media Limit to configure:<\/p><\/li>\n<li><p>Maximum upload size (MB)<\/p><\/li>\n<li><p>Forbidden file extensions (comma-separated)<\/p><\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id='q1.%20does%20this%20override%20the%20php%20upload%20limit%20%28upload_max_filesize%29%3F'><h3>Q1. Does this override the PHP upload limit (upload_max_filesize)?<\/h3><\/dt>\n<dd><p>No. This plugin enforces an additional upper bound below your PHP\/WordPress limit. You cannot exceed the PHP upload_max_filesize or post_max_size settings.<\/p><\/dd>\n<dt id='q2.%20what%20happens%20when%20an%20upload%20exceeds%20the%20configured%20size%3F'><h3>Q2. What happens when an upload exceeds the configured size?<\/h3><\/dt>\n<dd><p>The upload process is immediately stopped, and a descriptive error message appears to the user.<\/p><\/dd>\n<dt id='q3.%20can%20i%20allow%20some%20extensions%20while%20blocking%20others%3F'><h3>Q3. Can I allow some extensions while blocking others?<\/h3><\/dt>\n<dd><p>Yes. You can specify any combination of extensions in the settings field (e.g., exe, php, html).<\/p><\/dd>\n<dt id='q4.%20does%20this%20affect%20plugin%2Ftheme%20uploads%20or%20imports%3F'><h3>Q4. Does this affect plugin\/theme uploads or imports?<\/h3><\/dt>\n<dd><p>No. It only affects media uploads (via wp_handle_upload_prefilter), not plugin\/theme installers.<\/p><\/dd>\n<dt id='q5.%20is%20it%20compatible%20with%20multisite%3F'><h3>Q5. Is it compatible with multisite?<\/h3><\/dt>\n<dd><p>Yes. Each site can configure its own upload limit and forbidden extensions independently.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.0<\/h4>\n\n<p>Initial release.<\/p>\n\n<p>Added:<\/p>\n\n<p>Maximum file size limit setting.<\/p>\n\n<p>Forbidden extensions list (comma-separated).<\/p>\n\n<p>Early upload filtering using wp_handle_upload_prefilter.<\/p>\n\n<p>Uninstall cleanup for stored options.<\/p>\n\n<p>Admin settings UI with contextual help and current PHP limit display.<\/p>","raw_excerpt":"Restrict maximum upload file size and block dangerous extensions at upload time. Ensures early-stage validation for enhanced WordPress media security.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/tah.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/259611","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tah.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/tah.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/tah.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=259611"}],"author":[{"embeddable":true,"href":"https:\/\/tah.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/teamredfox"}],"wp:attachment":[{"href":"https:\/\/tah.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=259611"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/tah.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=259611"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/tah.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=259611"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/tah.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=259611"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/tah.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=259611"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/tah.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=259611"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}