Why You May Want to Avoid Attachments in WordPress Comments

Updated May 21, 2020

Having comments with attachments sounds amazing. After all, letting users submit content could greatly contribute to the discussion – much the way that some file sharing forums allow uploads in threaded discussions. But, this functionality doesn’t come without risks and costs.

Why are Comment Attachments Risky?

The risk-factors of comment attachments revolve around the spread of multiple virus types. The easiest way to pick up something nasty these days is to indiscriminately click links from people who have either had their machine compromised, or from people who are deliberately trying to infect other machines. It’s a great way to let your computer become a part of a DDoS bot-net.

The moral of the story? Conduct a virus scan on any and every attachment before you attempt to open them with your computer. Also, be careful in handling unscanned attachments, since some applications will attempt to preview, create thumbnails or otherwise open before you’re fully ready to handle. Treat uploaded attachments as if they were infected, until proven otherwise.

Why are Comment Attachments Costly?

Drive space. If you’ve got a sudden influx of comments with attachments, even relatively modest sized ones, you can quickly find your hosting storage space is exhausted and you’re either getting an account suspended message or big bill from your webhost. At KnownHost, you can get inexpensive, fully managed, hosting plans with unlimited cloud storage for under $10/month.

Before you enable comment attachments, make sure you fully understand how much storage you have, how much extra it would cost for more storage (or unlimited storage), and what happens if you go over your allotted usage, if you’re not on an unlimited plan.


If you’re with KnownHost, you can always login to your portal and find plan details, open a support ticket and ask, or use the online live chat and discuss. We’ll be happy to make sure you’ve got a plan that can accommodate this type of functionality.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.