Your attachment has failed security checks and cannot be uploaded

[Arantor]

1.1.x doesn't have the security checks at all.

[28ten]

It seems a little strange that I seem to be pretty much alone in this problem, as my setup is pretty standard. I am going to go back over all my settings and double check that I haven't missed something.

[Arantor]

No, it's just that you have one or more suspicious files. They come along from time to time.

[tesser]

I have a HTACCESS file i added to a bravenet hosting a friend has  and now he can upload  massive files  i should also point out he dont have access to the php.ini file to alter it

if you would like a copy of it  just to try i can pm you a link to it  if you feel you have a file limit problem ?

[Arantor]

The .htaccess rules will be Apache version dependent as well as possibly PHP version dependent.

The three things with php.ini and large files are max_upload_size, post_max_size (which between them control the physical max of what can be uploaded at a time) and the time-limit which specifies how long a script can spend on things.

Thing is... none of those are being tripped with the symptoms described.

[28ten]

I have now had half a dozen users who are having the same problem. The way things are going I am going have to reinstall with 2.3.

[Khaer]

Newbie here. Thanks for the information in this thread, it helped me a lot. I had a user who couldn't upload anything. Looking at his .jpg files I see that they're created with Photoshop and they include pages of XML.

I got around this by installing php5-gd and enabling recoding. My guess is that would solve what is going on here.

[hpooladi]

i have same problem
i can not upload some pictures that taken by my mobile phone
it is not depended on pictures size because i uploaded larger and smaller size pictures
an it is not depended on pictures name . because i renamed it

[MrPhil]

This is an ongoing discussion in several boards and topics. Apparently, SMF's checks for embedded malware in attachments/avatars are a little too sensitive and are rejecting perfectly innocuous images, including those straight out of Photoshop. The developers need to take a look at this.

[Oldiesmann]

I'm honestly not sure there's a lot we can do, since we use a regular expression to check for what appears to be malicious code in the image headers. We might be able to make a few exceptions for Photoshop and the like, but we simply can't add an exception for every program/app that decides putting non-standard data in the image is a good idea.

[Arantor]

I believe a specific exception was put in for Photoshop's cellTextIsHtml tag that it insists on jamming in by modifying said regexp.

[Gargoyle]

Eh just tell everyone to use GIMP... LOL!!!  <---- attempt at humor.

[boardhead]

I have this same problem with a large percentage of images uploaded from forum users (SMF 2.0.6).

There should be a switch to turn off these security checks for images.

[manu3d]

I'm also having this problem.

Two jpg images, straight out of an S6 Samsung mobile phone, resized using GIMP, eliminated EXIF data, well under the size allowed by the forum and php, give the error message in the subject.

I wish at least SMF gave a more precise error message, i.e. what it thinks it's wrong with the file.

And yes, the more stringent security checks are also disabled.

[manu3d]

Never mind. I seem to have found a solution: set the setting

Re-encode potentially dangerous image attachments

to ON. Unfortunately it flattens animated GIFs it seems, making them static.

[Viper013]

Hi Manu, thanks for your Post.

Exatly that helps me out with the same Problem.

But its still curios, ... yesterday everthing works fine and this morning i get this security check error.


Greetings
Steffen