user could not upload the file in wordpress

  • Resolved kunjal123

    (@kunjal123)


    1 year, 1 month ago

    Hello,

    I am using free version of this plugin. I have users in my system having a role “Subscriber”. On front end side they can login and create their account and they can upload media files in wordpress. However, After installing this plugin only admin can upload media files from the frontend side (not from the wordpress dashboard). I have also enable the 2FA option on wordfence.

    Even I have user role editior plugin installed. But anything I change from there does not appear on frontend side.

    I need your help as soon as possible.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support wfmark

    (@wfmark)

    Hello @kunjal123, and thanks for reaching out to us!

    I would suggest changing the Wordfence Web Application Firewall into Learning Mode. From the Wordfence Dashboard, click on Manage WAF. Then, you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Try uploading media files using a subscriber role and also make changes using your editor role and check whether it reflects on the frontend side. Once done, switch the WAF from Learning Mode back to Enabled and Protecting and test to see that you can still view the Login Security page.

    https://www.wordfence.com/help/firewall/learning-mode/ is an amazing resource for learning more about the WAF and learning mode.

    Let me know how in case this doesn’t solve your issue.

    Thanks,

    Mark.

    Thread Starter kunjal123

    (@kunjal123)

    hello,

    I have tried as per your suggestion. However, I am not able to upload the file from the frontend. I put my site on Learning mode and give the subscriber role to upload the file but it is not working.

    Please help me.

    Thread Starter kunjal123

    (@kunjal123)

    hello,

    I am waiting for your reply.

    Please, help me.

    Thread Starter kunjal123

    (@kunjal123)

    hello,

    I am waiting for your reply.

    Please, help me.

    Plugin Support wfmark

    (@wfmark)

    Hi @kunjal123, and apologies for the late response.?

    Wordfence has three rules that check for unsanitized files containing malicious code that can be uploaded to and executed by the web server. The rules are  “Malicious File Upload“, “Malicious File Upload (PHP)“, or “Malicious File Upload (Patterns)” and can be found in Wordfence > All Options > Firewall Options > Advanced Firewall Options > Rules after expanding the list.

    You can disable these one by one to determine which rule may be blocking the upload.

    There have been occasions when customers needed to disable one of these to prevent false positives. There are layers to how uploaded files are checked, so having to turn one of these rules off to fix any issues should still ensure malicious files are caught at a different stage of the checking process. 

    Let me know how it goes.

    Thanks,

    Mark.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘user could not upload the file in wordpress’ is closed to new replies.