Drupal is a registered trademark of Dries Buytaert
drupal 11.3.7 Update released for Drupal core (11.3.7)! drupal 11.2.11 Update released for Drupal core (11.2.11)! drupal 10.6.7 Update released for Drupal core (10.6.7)! drupal 10.5.9 Update released for Drupal core (10.5.9)! cms 2.1.1 Update released for Drupal core (2.1.1)! drupal 11.3.6 Update released for Drupal core (11.3.6)! drupal 10.6.6 Update released for Drupal core (10.6.6)! cms 2.1.0 Update released for Drupal core (2.1.0)! bootstrap 8.x-3.40 Minor update available for theme bootstrap (8.x-3.40). menu_link_attributes 8.x-1.7 Minor update available for module menu_link_attributes (8.x-1.7). eca 3.1.1 Minor update available for module eca (3.1.1). layout_paragraphs 2.1.3 Minor update available for module layout_paragraphs (2.1.3). ai 1.3.3 Minor update available for module ai (1.3.3). ai 1.2.14 Minor update available for module ai (1.2.14). node_revision_delete 2.0.3 Minor update available for module node_revision_delete (2.0.3). moderated_content_bulk_publish 2.0.52 Minor update available for module moderated_content_bulk_publish (2.0.52). klaro 3.0.10 Minor update available for module klaro (3.0.10). klaro 3.0.9 Minor update available for module klaro (3.0.9). layout_paragraphs 2.1.2 Minor update available for module layout_paragraphs (2.1.2). geofield_map 11.1.8 Minor update available for module geofield_map (11.1.8).
← All modules

file_mime_type_enforcer

3 sites No security coverage
View on drupal.org

The File Mime Type Enforcer module allows for easy UI configuration in the JSON format. Each supported file extension is mapped to alternative file mime types to enhance file security during uploads. Additionally, the module features a drush command to audit existing files local to the system and will generate log entries for any failed validations as well as display them onscreen, if so desired..

Features

  • Dual MIME Detection: Compares Drupal's extension-based detection with Symfony's content-based analysis
  • Security Protection: Blocks files where extension doesn't match actual content (e.g., PHP files renamed as .jpg)
  • Configurable Alternatives: Define acceptable MIME type variations per file extension
  • Flexible Validation: Strict mode (reject mismatches) or permissive mode (log only)
  • Audit Command: Scan existing files for MIME type discrepancies

Post-Installation

Enable the module via drush en file_mime_type_enforcer or at /admin/modules and modify the configuration at /admin/config/media/file-mime-type-enforcer.

Additional Requirements

This module requires the PHP fileinfo extension. You can verify if it is installed with php -m | grep fileinfo

Similar projects

The File Upload Secure Validator module also utilizes the PHP fileinfo library, but features a different method of configuration. The File Mime Type Enforcer module configuration maps the supported file extensions to their respective alternative mapping and in addition also includes a drush command for auditing of existing files within the system (if needed).

Activity

Total releases
3
First release
Sep 2025
Latest release
5 months ago
Release cadence
20 days
Stability
67% stable

Release Timeline

Releases

Version Type Release date
1.3.2 Stable Nov 4, 2025
1.0.0 Stable Oct 8, 2025
1.0.x-dev Dev Sep 26, 2025