Uploading error: This file is not allowed for security reasons

Support
23

The Local team would love to offer a workaround for this, even though none of us can reproduce it with the latest Elementor on Local and Windows so far. (We don’t see warnings when uploading images via Elementor, but of course this doesn’t help those of you who do.)

What we know so far

There is an open issue in Elementor’s GitHub. Comments suggest that the cause is a recent change in Elementor’s handling of temporary files. This could explain both:

  • Why it was working fine for many of you in Local before recent Elementor updates.
  • Why it works for some of you in XAMPP (which seems to handle temporary files differently to Local and other production/development environments, where it’s more common to leave sys_temp_dir as PHP’s default).

There is also an open pull request from the Elementor team from early this morning that makes it look like they are testing a fix for the issue.

What you can do for now

If you don’t want to wait for Elementor’s potential bug fix update to arrive, you can either:

  1. Try downgrading to a version of Elementor below 3.19.2, such as 3.19.1. Elementor lets you downgrade to an earlier version from Elementor → Tools → Version Control by choosing a version from the “Rollback Version” dropdown. It recommends backing up your database first. (I know that some of you already tried downgrading, but it’s not clear from the above if you downgraded to at least 3.19.1 or lower.)
  2. Try applying this patch from the GitHub issue if downgrading doesn’t help, or if you don’t want to downgrade but are comfortable editing plugin files. At least one user in GitHub reported that it solved the issue for them. The patch means you would:
    • Edit the file at wp-content/plugins/elementor/core/files/uploads-manager.php.
    • In the validate_file() function, change this code (around line 590):
      $is_tmp_name_valid = empty( $file['tmp_name'] ) || realpath( $file['tmp_name'] ) !== false;
      To look like this instead:
      $is_tmp_name_valid = empty( $file['tmp_name'] ) || realpath( $file['tmp_name'] ) !== false || file_exists( $file['tmp_name'] );

Or you can try applying the patch from their PR, although this has not been reviewed or merged yet.

7 Likes
24

Thanks, works as expected!

3 Likes
25

Hi @bajko -

Thank you for letting us know it worked for you - we appreciate that feedback!

Happy Building! :green_heart:

Sam

1 Like
26

I re-installed LOCAL, Selected Root (C:) as Site Directory, Installed an Older Version of Elementor, Turned off Antivirus, Re-Started LOCAL with Admin Rights. Now everything works just fine.

Also Thanks @nickc and Team WP Engine for sharing the Workaround/Fix !
I love this App.

2 Likes
27

This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.