diff --git a/src/controllers/admin/uploads.js b/src/controllers/admin/uploads.js
index 02bd065c0b..4280a2793b 100644
--- a/src/controllers/admin/uploads.js
+++ b/src/controllers/admin/uploads.js
@@ -5,6 +5,7 @@ var path = require('path');
 var async = require('async');
 var nconf = require('nconf');
 var winston = require('winston');
+var mime = require('mime');
 
 var meta = require('../../meta');
 var file = require('../../file');
@@ -102,6 +103,11 @@ uploadsController.uploadLogo = function (req, res, next) {
 uploadsController.uploadSound = function (req, res, next) {
 	var uploadedFile = req.files.files[0];
 
+	var mimeType = mime.lookup(uploadedFile.name);
+	if (!/^audio\//.test(mimeType)) {
+		return next(Error('[[error:invalid-data]]'));
+	}
+
 	file.saveFileToLocal(uploadedFile.name, 'sounds', uploadedFile.path, function (err) {
 		if (err) {
 			return next(err);