diff --git a/Dockerfile b/Dockerfile
index 4620f54..e8f6909 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -72,6 +72,7 @@ RUN apk add --no-cache yarn
 RUN apk add --no-cache libgit2
 # Instalar foreman para poder correr los servicios
 RUN gem install --no-document --no-user-install foreman
+RUN apk add --no-cache file
 
 # Agregar el grupo del servidor web
 RUN addgroup -g 82 -S www-data
diff --git a/app/models/metadata_image.rb b/app/models/metadata_image.rb
index 763d484..6f25ede 100644
--- a/app/models/metadata_image.rb
+++ b/app/models/metadata_image.rb
@@ -16,6 +16,7 @@ class MetadataImage < MetadataTemplate
     super
 
     errors << I18n.t('metadata.image.path_required') if path_missing?
+    errors << I18n.t('metadata.image.not_an_image') unless image?
 
     errors.compact!
     errors.empty?
@@ -31,6 +32,19 @@ class MetadataImage < MetadataTemplate
     value['path'].is_a?(String)
   end
 
+  # Determina si es una imagen antes de subirla
+  def image?
+    if value['path'].is_a? ActionDispatch::Http::UploadedFile
+      `file --mime-type "#{value['path'].tempfile.path}"`
+        .split(' ')
+        .last
+        .chomp
+        .starts_with? 'image/'
+    else
+      true
+    end
+  end
+
   # Determina si la ruta es opcional pero deja pasar si la ruta se
   # especifica
   def path_optional?
diff --git a/test/controllers/posts_controller_test.rb b/test/controllers/posts_controller_test.rb
index 254b928..06fb85e 100644
--- a/test/controllers/posts_controller_test.rb
+++ b/test/controllers/posts_controller_test.rb
@@ -117,4 +117,20 @@ class PostsControllerTest < ActionDispatch::IntegrationTest
 
     assert_equal 'hola', @post.image.value['description']
   end
+
+  test 'no se pueden subir archivos cualquiera' do
+    patch site_post_url(@site, @post.id),
+          headers: @authorization,
+          params: {
+            post: {
+              image: {
+                path: fixture_file_upload('files/_logo.png', 'image/png'),
+                description: 'hola'
+              }
+            }
+          }
+
+    assert_equal 200, response.status
+    assert_match I18n.t('metadata.image.not_an_image'), response.body
+  end
 end
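Review bot: `image?` in the second app/models/metadata_image.rb hunk interpolates the tempfile path into a backtick shell string and never checks the exit status, so if `file` is absent or fails the output is empty, `.split(' ').last` yields nil and `nil.chomp` raises NoMethodError instead of rejecting the upload. Passing the arguments as an argv array to `Open3.capture2` removes the shell from the path entirely, `--brief` drops the `path: ` prefix that `.split(' ').last` currently has to parse around, and `status.success?` turns a failed probe into a validation failure; the file then needs `require 'open3'` at the top. The `image/` prefix also admits image/svg+xml, which can carry scripts, so if SVG is not meant to be served an explicit allow-list of MIME types is the safer comparison. The rewritten method is below; the class MetadataImage continues outside the hunk.
```ruby
  # Determina si es una imagen antes de subirla
  def image?
    return true unless value['path'].is_a? ActionDispatch::Http::UploadedFile

    # argv form: no shell parses the path; --brief prints only the type
    mime, status = Open3.capture2('file', '--brief', '--mime-type',
                                  value['path'].tempfile.path)
    status.success? && mime.strip.start_with?('image/')
  end
```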
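Review bot: The new test in test/controllers/posts_controller_test.rb only checks the status code and the error text in the body; it does not assert that the rejected upload left the post untouched. Adding `@post.reload` followed by `assert_not_equal 'hola', @post.image.value['description']` (or comparing the stored path with its value captured before the request) would catch a regression where the message is rendered but the value is still persisted. The fixture is sent with a declared type of image/png while its content is not an image, so the test also pins that the declared content type is not trusted; a one-line comment above the `patch` call, e.g. `# the declared content type is ignored; the file bytes decide`, would make that intent explicit. The PostsControllerTest class continues outside the hunk.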
diff --git a/test/fixtures/files/_logo.png b/test/fixtures/files/_logo.png
new file mode 100644
index 0000000..aa93b25
--- /dev/null
+++ b/test/fixtures/files/_logo.png
@@ -0,0 +1 @@
+pwned
diff --git a/test/fixtures/files/logo.png b/test/fixtures/files/logo.png
new file mode 100644
index 0000000..234d6d2
Binary files /dev/null and b/test/fixtures/files/logo.png differ