How to stop users from uploading attachments/files?


(Oma) #1

I don’t want anyone who is not an Admin to be able to upload files that would take up space, unlimited or not.

If they want to “upload” a picture, they would have to use the image URL, but can’t attach anything from their device.

Can this be done?


(Jay Pfaffman) #2

That’s almost certainly a bad idea. This answer is a thought experiment.

You could set max image size kb and max attachment size kb to zero. It could be that 0 implies unlimited, so you might need to use 1 instead.

Perhaps a more reliable way keep people from uploading files would be to remove everything from authorized extensions. When you did want to upload files, you’d add the type you want to upload, upload it, and then remove it again.

Note that by default, linked images are downloaded locally, so that if the source goes away, the image won’t be broken. In many cases, it’s also bad manners to link to images on another site, as that site has to pay for the bandwidth to display the image on your site. Nevertheless, if you want to keep linked images from being copied locally you could change download remote images max days old to 0. I don’t think that 0 implies “always download.”


(Jeff Atwood) #3

It is not as impossible as you make it out to be provided you do not consider images to be file attachments. Can you clarify if this is the case?

File attachments (not images) and images have two sets of independent settings in Discourse.

If you want to prevent all images and file attachments then Jay’s advice is correct.