File Type Restrictions & Custom File Types
Learn how to configure which file types are allowed in your store and how to add custom file type restrictions for security and organization.
Default Allowed File Types
Section titled “Default Allowed File Types”Alva Digital Downloads supports a comprehensive list of file types by default. See the complete list in Uploading Digital Files.
Why Restrict File Types?
Section titled “Why Restrict File Types?”Security Reasons
Section titled “Security Reasons”Certain file types can pose security risks:
High-Risk File Types:
.exe,.bat,.cmd- Executable files.scr,.com- Screensavers and command files.vbs,.js- Script files.msi,.app- Installer packages
Why restrict:
- Prevent malware distribution
- Protect your customers
- Comply with platform policies
- Reduce liability
Business Reasons
Section titled “Business Reasons”- Control product catalog: Only sell specific types
- Storage optimization: Prevent large unnecessary files
- Brand consistency: Stick to your niche
- Support simplicity: Easier to support specific formats
Viewing Allowed File Types
Section titled “Viewing Allowed File Types”Check Current Settings
Section titled “Check Current Settings”- Go to Settings in the Alva app
- Scroll to File Type Restrictions section
- View list of allowed extensions
Default Settings
Section titled “Default Settings”By default, all supported file types are allowed. The list includes:
- Documents: PDF, DOCX, TXT, etc.
- Images: JPG, PNG, SVG, etc.
- Videos: MP4, MOV, AVI, etc.
- Audio: MP3, WAV, FLAC, etc.
- Archives: ZIP, RAR, 7Z, etc.
- And more…
Restricting File Types
Section titled “Restricting File Types”Method 1: Disable Specific Types
Section titled “Method 1: Disable Specific Types”To prevent certain file types from being uploaded:
- Navigate to Settings → File Type Restrictions
- Find the Allowed File Types list
- Click Manage Restrictions
- Uncheck file types you want to block
- Example: Uncheck
.exe,.bat,.cmd
- Example: Uncheck
- Click Save
Result: Users can no longer upload unchecked file types.
Method 2: Allow Only Specific Types
Section titled “Method 2: Allow Only Specific Types”To only allow certain file types (stricter control):
- Go to Settings → File Type Restrictions
- Select Custom Allow List mode
- Enter only the extensions you want to allow
- Example:
pdf, docx, jpg, png, zip
- Example:
- Click Save
Result: Only specified file types can be uploaded.
File Type Restriction Rules
Section titled “File Type Restriction Rules”How Restrictions Work
Section titled “How Restrictions Work”- Upload Blocked: Restricted file types cannot be uploaded
- Existing Files: Already uploaded files are not affected
- Error Message: Users see clear error when attempting upload
File Extension Detection
Section titled “File Extension Detection”The app checks file extensions (e.g., .pdf, .jpg) to determine file type. It does NOT deeply inspect file contents.
Important: Users could potentially rename files to bypass restrictions. This is a basic security measure, not foolproof.
Common File Type Restriction Scenarios
Section titled “Common File Type Restriction Scenarios”Scenario 1: eBook Store (PDFs Only)
Section titled “Scenario 1: eBook Store (PDFs Only)”Goal: Only sell PDF eBooks
Configuration:
Allowed types: pdf, epubResult: Customers can only upload PDF and EPUB files.
Scenario 2: Design Assets (Images Only)
Section titled “Scenario 2: Design Assets (Images Only)”Goal: Sell only graphic files
Configuration:
Allowed types: jpg, jpeg, png, svg, ai, psd, eps, pdfResult: Only image and design file formats accepted.
Scenario 3: Audio Store
Section titled “Scenario 3: Audio Store”Goal: Music and audio files only
Configuration:
Allowed types: mp3, wav, flac, aac, ogg, m4aResult: Only audio formats allowed.
Scenario 4: Maximum Security
Section titled “Scenario 4: Maximum Security”Goal: Block all executable and script files
Configuration:
Blocked types: exe, bat, cmd, scr, com, vbs, js, msi, app, sh, py, phpResult: No executable or potentially dangerous file types.
File Size Restrictions by Type
Section titled “File Size Restrictions by Type”You can also set different size limits for different file types:
Example Configuration
Section titled “Example Configuration”| File Type | Max Size |
|---|---|
| Documents (PDF, DOCX) | 100 MB |
| Images (JPG, PNG) | 50 MB |
| Videos (MP4, MOV) | 2 GB |
| Audio (MP3, WAV) | 200 MB |
How to Configure (If Available)
Section titled “How to Configure (If Available)”- Go to Settings → Advanced File Settings
- Enable Type-Specific Size Limits
- Set limits for each category
- Save
Note: This feature may not be available in all plans. Check your plan features.
Adding Custom File Type Support
Section titled “Adding Custom File Type Support”Request New File Type
Section titled “Request New File Type”If you need to upload a file type not currently supported:
- Check if truly needed: Can you convert to supported format?
- Contact support: Request via chat or email
- Provide details:
- File extension (e.g.,
.xyz) - MIME type
- Use case explanation
- Sample file for testing
- File extension (e.g.,
Support Approval Process
Section titled “Support Approval Process”- Security review
- Technical feasibility check
- MIME type configuration
- Testing
- Deployment (usually within 1-2 weeks)
File Type Validation Errors
Section titled “File Type Validation Errors”Common Upload Errors
Section titled “Common Upload Errors””File type not allowed”
Section titled “”File type not allowed””Cause: File extension is restricted
Solution:
- Upload an allowed file type, OR
- Ask admin to enable this file type in settings
”File extension missing”
Section titled “”File extension missing””Cause: File has no extension (e.g., “document” instead of “document.pdf”)
Solution:
- Rename file to include correct extension
- Example:
document→document.pdf
”Invalid file type”
Section titled “”Invalid file type””Cause: File extension doesn’t match actual file content
Solution:
- Ensure file is not corrupted
- Re-export file from original software
- Verify file extension is correct
Best Practices for File Type Restrictions
Section titled “Best Practices for File Type Restrictions”Security Best Practices
Section titled “Security Best Practices”-
Always block executables
- Block:
.exe,.bat,.cmd,.scr,.msi - Unless you specifically sell software
- Block:
-
Be cautious with scripts
- Block:
.vbs,.js,.sh,.py,.php - Unless selling code/development resources
- Block:
-
Review periodically
- Check allowed list quarterly
- Remove any types no longer needed
-
Educate users
- Document allowed file types
- Provide clear error messages
- Offer alternatives
Business Best Practices
Section titled “Business Best Practices”-
Match your niche
- Audio store? Only allow audio formats
- Template store? PDF, DOCX, XLSX, etc.
-
Keep it simple
- Don’t allow too many types if you don’t need them
- Easier to support fewer formats
-
Consider customer needs
- Allow formats your customers expect
- Don’t restrict formats unnecessarily
-
Plan for future
- Allow room for expansion
- Don’t over-restrict early on
File Type Categories
Section titled “File Type Categories”Documents
Section titled “Documents”Extensions: pdf, doc, docx, txt, rtf, odtUse case: eBooks, guides, manuals, templatesImages
Section titled “Images”Extensions: jpg, jpeg, png, gif, svg, webp, tiff, ai, psdUse case: Graphics, photos, design filesVideos
Section titled “Videos”Extensions: mp4, mov, avi, mkv, webm, flv, m4vUse case: Courses, tutorials, stock footageExtensions: mp3, wav, flac, aac, ogg, m4aUse case: Music, audiobooks, sound effectsArchives
Section titled “Archives”Extensions: zip, rar, 7z, tar, gzUse case: Bundles, collections, softwareExtensions: html, css, js, json, xml, py, phpUse case: Themes, plugins, snippetsTesting File Type Restrictions
Section titled “Testing File Type Restrictions”Before Going Live
Section titled “Before Going Live”- Configure restrictions
- Test upload with:
- ✅ Allowed file type → should succeed
- ❌ Blocked file type → should fail with error
- Verify error messages are clear
- Check existing files still accessible
After Changes
Section titled “After Changes”- Notify team of new restrictions
- Update documentation
- Monitor upload errors
- Adjust if needed
File Type Restriction Logs
Section titled “File Type Restriction Logs”Viewing Blocked Upload Attempts
Section titled “Viewing Blocked Upload Attempts”Some plans include logging of blocked uploads:
- Go to Settings → Security Logs
- Filter by “File Type Restriction”
- View:
- File name attempted
- File type attempted
- User who tried
- Timestamp
Use cases:
- Identify if legitimate users are confused
- Detect malicious upload attempts
- Adjust restrictions based on real usage
Frequently Asked Questions
Section titled “Frequently Asked Questions”Q: Can customers see which file types are allowed?
Section titled “Q: Can customers see which file types are allowed?”A: Not automatically. Consider adding allowed types to:
- Product descriptions
- Upload instructions
- FAQ page
Q: What happens to existing files if I block their type?
Section titled “Q: What happens to existing files if I block their type?”A: Existing files are NOT affected. Restrictions only apply to new uploads.
Q: Can I allow .exe files?
Section titled “Q: Can I allow .exe files?”A: Generally not recommended for security reasons. If you must sell software:
- Use ZIP archives containing .exe
- Include security warnings
- Consider using external download links
Q: How do I allow ALL file types?
Section titled “Q: How do I allow ALL file types?”A: Select “Allow All Supported Types” in settings. But consider security implications.
Q: Do file type restrictions affect pack creation?
Section titled “Q: Do file type restrictions affect pack creation?”A: No. Packs can include any already-uploaded files, regardless of current restrictions.
Next Steps
Section titled “Next Steps”- Uploading Digital Files - Learn about supported formats
- Security Best Practices - Protect your store
- Settings & Configuration - Configure your app