+## MIME/EXT Blocking
+
+Blocking certain filetypes from being uploaded can be changed by editing the following settings in `static/php/includes/settings.inc.php`:
+```php
+define('CONFIG_BLOCKED_EXTENSIONS', serialize(['exe', 'scr', 'com', 'vbs', 'bat', 'cmd', 'htm', 'html', 'jar', 'msi', 'apk', 'phtml']));
+define('CONFIG_BLOCKED_MIME', serialize(['application/msword', 'text/html', 'application/x-dosexec', 'application/java', 'application/java-archive', 'application/x-executable', 'application/x-mach-binary']));
+```
+
+By default the most common malicious filetypes are blocked.
+