How To Enable Members Of Your Community To Upload And Attach Files To Posts

  • 16 July 2018
  • 8 replies

Userlevel 6
Badge +1
  • Product Guru
  • 26 replies posted

Is your community one which would benefit from allowing members to share files with each other? By default only trusted users (moderators, community managers, and admins) can upload and attach files to posts. From Control, it’s possible to allow anyone on the community to upload a file and attach it to their post to share with the rest of the community. Sharing is caring!


How To Enable File Attachments For Anyone On Your Community

  1. Log in to Control as a Community Manager or Admin.
  2. Go to Control SettingsAttachment Permissions.
  3. Enable the switches for Super Users and Registered Users.
  4. Press Save changes, and you’re done!


How To Enable File Attachments For Specific Users On Your Community


  1. Go to ControlGeneral SettingsCustom User RolesAdd Role (or edit an existing role).
  2. Under User has access to, enable the permission Upload files to posts.
  3. Press Save changes.
  4. Make sure the custom role is applied to the user(s) you want to grant permission to, and you’re done!

Check out this How To for a better understanding of how to create and apply custom roles.

Got any other questions about how file uploads works in general? Check out the FAQ.


  • ​Super Users and Registered Users are not allowed to upload files until you configure your community as described above.
  • If you want a specific subset of members of your community to be allowed to upload files, then give these users a custom role with the permission ‘Upload files to posts’.
  • Although we protect visitors to your community by scanning every file for viruses, we do not check files for explicit or illegal content. By enabling file uploads for anyone on a public community, you accept the risk of this sort of content from being uploaded.
  • There is no specific pre-moderation step for files (i.e. you can’t review files that your community members upload on the community to accept/reject).​

8 replies


Is there a way to allow attachments to the Product Updates postings? We want to attach a PDF document of our Release Notes to our Product Updates.

Is there a way to control file extensions?  example -- do not allow .zip files that may contain .exe files


Userlevel 6
Badge +3

Howdy @tpeluso !

As far as I’m aware, the only direct file types allowed are:

  • .pdf
  • .zip
  • .xml
  • .txt
  • .csv
  • .doc/docx
  • xls/xlsx
  • .ppt/pptx

In the case of ZIP files, Clam AV should be able to scan the contents as long as it’s not an encrypted ZIP file - and I’d imagine an infected exe inside would trigger the entire file to get blocked (at least I’d hope so!).

This is a good one though, so I think I’ll ask @Alistair FIeld to help out. I don’t have my own community after all, so I can’t test this (yet...).

@Blastoise186 - thanks for the reply! I too do not have a community up as yet and need to ensure no harm can come through uploaded files.  otherwise, I may keep this setting to ‘off’ at first (better to add feature than take away!)

I look forward to what @Alistair FIeld has to say:)

Userlevel 6
Badge +3

Yup, I’ll be honest though… If you just want users to be able to post images, you definitely don’t need to turn this option on! As long as they have image upload permissions, that’s good enough - and ultimately makes viewing them far easier! Clam AV should also scan those too, because even images can sometimes hide malware.

I would strongly recommend that if you ever turn this on, DEFINITELY don’t let new members use it!!! You’ll become a spammer magnet otherwise and it’d just be an absolute nightmare. Trusted users? Sure, as long as you can trust them! New members and potential spammers? Never!

great point -- I didn’t realize image only was an option. i see super users have file attachment as a setting. need to read up on how insided defines super users. thanks for your help!

Userlevel 6
Badge +3

No worries. I’m actually a Super User myself on the OVO Forum and in actual fact, I’m not an inSided customer, but I’m just very, very well known to inSided at this point. :)

If you ever want some tips on setting up anything else, feel free to stop by anytime.

absolutely -- and thank you again. My first post in this community and you’ve made the experience stellar.