Introduction
System admins can whitelist the file types that can be uploaded to file stores and workflows. With the Secure File Upload feature enabled, attempts to upload files with unlisted extensions will fail and trigger the following notice:
This article explains how to enable and configure Secure File Upload.
Note: If your environment was set up before Kepion version 6.1.22125 was released, we recommend enabling this feature for improved security.
Configure
1. Go to the System module > File Storage.
2. Select the Enable Secure File Upload checkbox if unchecked.
3. Enter the allowed file extensions separated by spaces.
Tip: Select Use default to auto-populate the field with the allowed file extensions shown in the image above. The default covers the common extensions of images, text, Microsoft Office files, and scripts.
4. Select Save.
Next steps
Secure file upload is now configured. Try uploading files with different extensions to test it's been configured correctly.