PHPackages                             basecom/magento2-disable-customer-address-file-upload - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. basecom/magento2-disable-customer-address-file-upload

ActiveMagento2-module[Security](/categories/security)

basecom/magento2-disable-customer-address-file-upload
=====================================================

Disable the controller that allows users to upload files for customer address attributes.

1.0.0(8mo ago)117.7k↑53.6%2[1 PRs](https://github.com/basecom/magento2-disable-customer-address-file-upload/pulls)MITPHPPHP 7.4|~8.1CI passing

Since Oct 29Pushed 8mo agoCompare

[ Source](https://github.com/basecom/magento2-disable-customer-address-file-upload)[ Packagist](https://packagist.org/packages/basecom/magento2-disable-customer-address-file-upload)[ RSS](/packages/basecom-magento2-disable-customer-address-file-upload/feed)WikiDiscussions main Synced 2d ago

READMEChangelogDependencies (2)Versions (2)Used By (0)

Basecom\_DisableCustomerAddressFileUpload Module
================================================

[](#basecom_disablecustomeraddressfileupload-module)

[![Packagist](https://camo.githubusercontent.com/8653192bd537f649386e2ae0365fadabbe30c4f1de7790acb5b35cff22952399/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f62617365636f6d2f6d6167656e746f322d64697361626c652d637573746f6d65722d616464726573732d66696c652d75706c6f61642e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/basecom/magento2-disable-customer-address-file-upload)[![Software License](https://camo.githubusercontent.com/55c0218c8f8009f06ad4ddae837ddd05301481fcf0dff8e0ed9dadda8780713e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE)[![Supported Magento Versions](https://camo.githubusercontent.com/2113b3a30955562f026a2b7dda3a09fee30d0c49aacbfce67193c5dc7b434617/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6d6167656e746f2d322e342d627269676874677265656e2e7376673f6c6f676f3d6d6167656e746f266c6f6e6743616368653d74727565267374796c653d666c61742d737175617265)](https://camo.githubusercontent.com/2113b3a30955562f026a2b7dda3a09fee30d0c49aacbfce67193c5dc7b434617/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6d6167656e746f2d322e342d627269676874677265656e2e7376673f6c6f676f3d6d6167656e746f266c6f6e6743616368653d74727565267374796c653d666c61742d737175617265)

This module disables the file upload functionality for customer address attributes in Magento 2. This file upload is by default open to every user and can open up your system to security vulnerabilities.

The SessionReaper attacks exploit this endpoint to upload malicious files to your server and then execute them. While the remote code execution vulnerability has been patched, the upload endpoint was kept open and remains a security risk.

Install this module to disable the upload endpoint and secure your Magento installation.

Installation
------------

[](#installation)

1. Install the module via composer

    ```
    composer require basecom/magento2-disable-customer-address-file-upload
    ```
2. Enable the module

    ```
    bin/magento module:enable Basecom_DisableCustomerAddressFileUpload
    bin/magento setup:upgrade
    ```

Security
--------

[](#security)

If you discover any security related issues, please email  instead of using the issue tracker.

License
-------

[](#license)

Licensed under the [MIT](LICENSE) license.

Copyright
---------

[](#copyright)

basecom GmbH &amp; Co. KG

###  Health Score

40

—

FairBetter than 86% of packages

Maintenance61

Regular maintenance activity

Popularity34

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity44

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Unknown

Total

1

Last Release

247d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/4a67758dd1f3d42f956d3954dd65c125cdb85d0750c2cea0afaa139d4d5f5acb?d=identicon)[basecom](/maintainers/basecom)

---

Top Contributors

[![mfickers](https://avatars.githubusercontent.com/u/12683535?v=4)](https://github.com/mfickers "mfickers (1 commits)")

### Embed Badge

![Health badge](/badges/basecom-magento2-disable-customer-address-file-upload/health.svg)

```
[![Health](https://phpackages.com/badges/basecom-magento2-disable-customer-address-file-upload/health.svg)](https://phpackages.com/packages/basecom-magento2-disable-customer-address-file-upload)
```

###  Alternatives

[mollie/magento2

Mollie Payment Module for Magento 2

1131.9M16](/packages/mollie-magento2)[imi/magento2-friendly-captcha

Friendly Captcha integration for Magento2

19131.4k](/packages/imi-magento2-friendly-captcha)[loki/magento2-components

Core module for defining Alpine.js components with advanced AJAX features

1011.8k26](/packages/loki-magento2-components)[buckaroo/magento2

Buckaroo Magento 2 extension

32420.3k8](/packages/buckaroo-magento2)[mage-os/module-inventory-reservations-grid

Add a grid with the list of inventory reservations.

1615.9k](/packages/mage-os-module-inventory-reservations-grid)[zwernemann/module-withdrawal

Magento 2 EU Withdrawal Button Module - Adds a withdrawal/revocation button for orders in compliance with EU Directive (EU) 2023/2673

244.9k2](/packages/zwernemann-module-withdrawal)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
