PHPackages arz-cle/mime-guard - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Mail & Notifications](/categories/mail) 4. / 5. arz-cle/mime-guard ActiveStatamic-addon[Mail & Notifications](/categories/mail) arz-cle/mime-guard ================== Statamic addon for granular MIME type management with hierarchical rules v1.0.0(3mo ago)02MITPHPPHP ^8.2CI passing Since Jan 30Pushed 3mo agoCompare [ Source](https://github.com/arz-cle/mime-guard)[ Packagist](https://packagist.org/packages/arz-cle/mime-guard)[ Docs](https://github.com/arz-cle/mime-guard)[ RSS](/packages/arz-cle-mime-guard/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependencies (4)Versions (2)Used By (0) MIME Guard ========== [](#mime-guard) [![Tests](https://camo.githubusercontent.com/7e14b3d6cbd006e4103160dde48783ff63a44573c06f322c1ec490cd2bed03d1/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f61727a2d636c652f6d696d652d67756172642f74657374732e796d6c3f6272616e63683d6d61696e266c6162656c3d7465737473267374796c653d666c61742d737175617265)](https://github.com/arz-cle/mime-guard/actions)[![Latest Version](https://camo.githubusercontent.com/00dbbbc75cd39221fe4f6d49ced418ff57f2fb148ead55273f42dd6d85b2fe7d/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f61727a2d636c652f6d696d652d67756172642e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/arz-cle/mime-guard)[![License](https://camo.githubusercontent.com/5e92b531a7b03e5912bdb931d2d9824817a8e72056f9552ad10d16c4f748a6a2/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f61727a2d636c652f6d696d652d67756172643f7374796c653d666c61742d737175617265)](LICENSE)[![Statamic 5+](https://camo.githubusercontent.com/0b754006dc86d03dbe4c8f5c89fc6d4aeb1acd5b1fdbb329e7e71c9ac0e763ba/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f53746174616d69632d352e785f2537435f362e782d4646323639453f7374796c653d666c61742d737175617265)](https://statamic.com)[![PHP 8.2+](https://camo.githubusercontent.com/79a45153562afa427f7c043d96579c26c8f02bf3dc9f8c5f2c2ea48904084c57/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048502d382e322b2d3737374242343f7374796c653d666c61742d737175617265)](https://php.net) A Statamic addon for granular MIME type management. Protect your assets by controlling which file types can be uploaded, with rules at global, container, and blueprint levels. Features -------- [](#features) - **Server-side validation** using magic bytes (not just file extensions) - **Hierarchical rules**: Global → Container → Blueprint - **Wildcard support**: `image/*`, `video/*`, etc. - **Control Panel interface** for easy configuration - **Logging** of rejected upload attempts - **Multilingual**: English and French translations included Requirements ------------ [](#requirements) - Statamic 5.x or 6.x - PHP 8.2+ - Laravel 11.x Installation ------------ [](#installation) ``` composer require arz-cle/mime-guard ``` The addon will be automatically discovered by Statamic. ### Publish Configuration (Optional) [](#publish-configuration-optional) ``` php artisan vendor:publish --tag=mime-guard-config ``` Configuration ------------- [](#configuration) ### Using the Control Panel [](#using-the-control-panel) Navigate to **CP → Tools → MIME Guard** to configure: 1. **Global Restrictions**: Select MIME types to block across all uploads 2. **Container Rules**: Define allow/deny rules per asset container 3. **Blueprint Rules**: Define allow/deny rules per collection blueprint 4. **Logging**: Enable/disable logging of rejected uploads Settings are saved to `storage/statamic/addons/mime-guard/settings.yaml`. ### Using Configuration File [](#using-configuration-file) You can also configure MIME Guard via `config/mime-guard.php`: ``` return [ // MIME types blocked by default across all uploads 'restricted_by_default' => [ 'application/octet-stream', 'application/zip', 'application/x-rar-compressed', 'image/svg+xml', 'application/pdf', ], // Rules per asset container 'containers' => [ 'documents' => [ 'allow' => ['application/pdf'], 'deny' => [], ], 'images' => [ 'allow' => ['image/*'], 'deny' => ['image/svg+xml'], ], ], // Rules per blueprint (format: collection::blueprint) 'blueprints' => [ 'products::product' => [ 'allow' => ['model/stl', 'application/octet-stream'], 'deny' => [], ], ], // Logging configuration 'logging' => [ 'enabled' => true, 'channel' => 'stack', ], ]; ``` How It Works ------------ [](#how-it-works) ### Rule Hierarchy [](#rule-hierarchy) Rules are evaluated in order of specificity: 1. **Global** (`restricted_by_default`) - Blocks MIME types everywhere 2. **Container** - Overrides global rules for a specific asset container 3. **Blueprint** - Overrides container rules for a specific blueprint More specific rules always win. An `allow` rule at the container level will permit a globally restricted type. ### Wildcards [](#wildcards) Use wildcards to match categories of MIME types: PatternMatches`image/*`All image types (jpeg, png, gif, webp, etc.)`video/*`All video types (mp4, webm, quicktime, etc.)`audio/*`All audio types (mp3, wav, ogg, etc.)`application/*`All application types### Server-Side Validation [](#server-side-validation) MIME Guard validates files using PHP's `finfo` extension, which reads the file's magic bytes. This means: - A `.jpg` file containing PHP code will be detected as `text/x-php` - A renamed `.exe` file will be detected as `application/x-dosexec` - File extensions can't be used to bypass security Examples -------- [](#examples) ### Allow PDFs only in a specific container [](#allow-pdfs-only-in-a-specific-container) ``` 'containers' => [ 'documents' => [ 'allow' => ['application/pdf'], ], ], ``` ### Block SVG files globally (XSS risk) [](#block-svg-files-globally-xss-risk) ``` 'restricted_by_default' => [ 'image/svg+xml', ], ``` ### Allow 3D models for a product blueprint [](#allow-3d-models-for-a-product-blueprint) ``` 'blueprints' => [ 'products::product' => [ 'allow' => [ 'model/stl', 'model/gltf+json', 'model/gltf-binary', 'application/octet-stream', // STL files are often detected as this ], ], ], ``` ### Allow all images except SVG [](#allow-all-images-except-svg) ``` 'containers' => [ 'gallery' => [ 'allow' => ['image/*'], 'deny' => ['image/svg+xml'], ], ], ``` Logging ------- [](#logging) When logging is enabled, rejected uploads are logged with: - MIME type detected - Filename - Container handle - User ID Example log entry: ``` [2025-01-28 10:30:00] local.INFO: [MIME Guard] Upload rejected { "mime_type": "application/zip", "filename": "archive.zip", "container": "assets", "user_id": 1 } ``` Permissions ----------- [](#permissions) Access to the MIME Guard settings page requires the `configure mime-guard` permission. Assign this permission to roles that should manage upload restrictions. Common MIME Types Reference --------------------------- [](#common-mime-types-reference) ### Images [](#images) MIME TypeFormat`image/jpeg`JPEG`image/png`PNG`image/gif`GIF`image/webp`WebP`image/svg+xml`SVG### Documents [](#documents) MIME TypeFormat`application/pdf`PDF`application/msword`Word (DOC)`application/vnd.openxmlformats-officedocument.wordprocessingml.document`Word (DOCX)### Archives [](#archives) MIME TypeFormat`application/zip`ZIP`application/x-rar-compressed`RAR`application/x-7z-compressed`7Z`application/octet-stream`Binary (generic)### 3D Models [](#3d-models) MIME TypeFormat`model/stl`STL`application/sla`STL (alt)`model/gltf+json`GLTF`model/gltf-binary`GLB### Videos [](#videos) MIME TypeFormat`video/mp4`MP4`video/webm`WebM`video/quicktime`MOVTroubleshooting --------------- [](#troubleshooting) ### Files are blocked but shouldn't be [](#files-are-blocked-but-shouldnt-be) 1. Check the detected MIME type in the logs 2. Some files (like STL) are detected as `application/octet-stream` 3. Add the correct MIME type to your allow rules ### Container rules not working [](#container-rules-not-working) Ensure the container handle in your config matches exactly (check for underscores vs dashes). ### Changes not taking effect [](#changes-not-taking-effect) Clear your config cache: ``` php artisan config:clear ``` Contributing ------------ [](#contributing) Contributions are welcome! Please feel free to submit a Pull Request. License ------- [](#license) MIT License. See [LICENSE](LICENSE) for details. Credits ------- [](#credits) - [Clément Arzoumanian](https://github.com/arz-cle) - Built for [Statamic](https://statamic.com) ### Health Score 36 — LowBetter than 82% of packages Maintenance81 Actively maintained with recent releases Popularity3 Limited adoption so far Community6 Small or concentrated contributor base Maturity46 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 101d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/50169d334b3f5bb155771092c0217dff2f8f064e54f9fba1af74235fd1d7ab60?d=identicon)[arz-cle](/maintainers/arz-cle) --- Top Contributors [![arz-cle](https://avatars.githubusercontent.com/u/41111840?v=4)](https://github.com/arz-cle "arz-cle (11 commits)") --- Tags validationsecuritymimemime-typeuploadassetsstatamicfile-uploadStatamic addon ### Code Quality TestsPest Code StyleLaravel Pint ### Embed Badge ![Health badge](/badges/arz-cle-mime-guard/health.svg) ``` [![Health](https://phpackages.com/badges/arz-cle-mime-guard/health.svg)](https://phpackages.com/packages/arz-cle-mime-guard) ``` ### Alternatives [symfony/mime Allows manipulating MIME messages 2.8k668.8M910](/packages/symfony-mime)[siriusphp/upload Framework agnostic upload library 228570.4k7](/packages/siriusphp-upload)[fileeye/mimemap A PHP library to handle MIME Content-Type fields and their related file extensions. 259.2M9](/packages/fileeye-mimemap)[rosell-dk/image-mime-type-guesser Guess mime type of images 108.0M5](/packages/rosell-dk-image-mime-type-guesser)[silverstripe/mimevalidator Checks uploaded file content roughly matches a known MIME type for the file extension. 102.0M9](/packages/silverstripe-mimevalidator)[martian/spammailchecker A laravel package that protect users from entering non-existing/spam email addresses. 422.0k](/packages/martian-spammailchecker) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)