Title: Failed Image Upload Last modified: September 24, 2024 --- # Failed Image Upload * [bobjgarrett](https://wordpress.org/support/users/bobjgarrett/) * (@bobjgarrett) * [1 year, 8 months ago](https://wordpress.org/support/topic/failed-image-upload/) * I am using a plugin “Contest Gallery Pro” and have been for some years but we now have a problem with the upload of a particular image which the author of the plugin suggests is being rejected by WordFence. * The symptoms are that the image will upload for me with Admin rights but not someone with Subscriber rights. We have tried other browsers. The image is a jpg from a Pixel phone and does not seem corrupted. * The author of that plugin has sent me the developer tools screen grab suggesting WordFence is blocking it. You can see the screengrab [here](https://www.dufour.org.uk/wp-content/uploads/2024/09/image001.png). * Can you suggest why this might be? Viewing 3 replies - 1 through 3 (of 3 total) * Thread Starter [bobjgarrett](https://wordpress.org/support/users/bobjgarrett/) * (@bobjgarrett) * [1 year, 8 months ago](https://wordpress.org/support/topic/failed-image-upload/#post-18035588) * To confirm what the other plugin author said I disabled WordFence and was then able to successfully upload the particular image. * So it appears that WordFence prevents a subscriber uploading an image from a Pixel phone but permits an Admin to do the same. * Plugin Support [wfpeter](https://wordpress.org/support/users/wfpeter/) * (@wfpeter) * [1 year, 8 months ago](https://wordpress.org/support/topic/failed-image-upload/#post-18036605) * Hi [@bobjgarrett](https://wordpress.org/support/users/bobjgarrett/), thanks for describing and showing your issue. * The reason why an admin may be permitted to upload a file whereas a lower user role isn’t could be down to actions that are seen as malicious. In your case this is likely to be a false-positive as you’re actually expecting your users to upload files. It’s quite common for certain image files to match malicious PHP code patterns such as ` All Options > Firewall Options > Advanced Firewall Options > Rules**, after expanding the list. * Make sure turning off one doesn’t cause customers to get caught by another, then just keep the problematic rule turned off. * Many thanks, Peter. * Thread Starter [bobjgarrett](https://wordpress.org/support/users/bobjgarrett/) * (@bobjgarrett) * [1 year, 8 months ago](https://wordpress.org/support/topic/failed-image-upload/#post-18038667) * Thanks for the response. The block was due to Malicious file upload PHP. * I have tested changing a user from “Subscriber” to “Author” which allows the photo to be loaded. The question then is whether to make all our members “Author” or remove the Malicious File Upload PHP rule. * Given the pages which allow upload or posting are all ones which require users to be logged in it seems either is possible. Is there any other choice and which might be better in your view? Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘Failed Image Upload’ is closed to new replies. * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865) * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/) * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq) * [Support Threads](https://wordpress.org/support/plugin/wordfence/) * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/) * 3 replies * 2 participants * Last reply from: [bobjgarrett](https://wordpress.org/support/users/bobjgarrett/) * Last activity: [1 year, 8 months ago](https://wordpress.org/support/topic/failed-image-upload/#post-18038667) * Status: not resolved