diff --git a/app.js b/app.js
index d41dbfbd7..faf686cfa 100644
--- a/app.js
+++ b/app.js
@@ -203,6 +203,7 @@ app.locals.serverURL = config.serverURL
 app.locals.sourceURL = config.sourceURL
 app.locals.allowAnonymous = config.allowAnonymous
 app.locals.allowAnonymousEdits = config.allowAnonymousEdits
+app.locals.allowAnonymousUploads = config.allowAnonymousUploads
 app.locals.disableNoteCreation = config.disableNoteCreation
 app.locals.authProviders = {
   facebook: config.isFacebookEnable,
diff --git a/lib/config/default.js b/lib/config/default.js
index d038e5311..9ab9a6bb1 100644
--- a/lib/config/default.js
+++ b/lib/config/default.js
@@ -33,6 +33,7 @@ module.exports = {
   protocolUseSSL: false,
   allowAnonymous: true,
   allowAnonymousEdits: false,
+  allowAnonymousUploads: false,
   allowFreeURL: false,
   requireFreeURLAuthentication: false,
   disableNoteCreation: false,
diff --git a/lib/config/environment.js b/lib/config/environment.js
index da50a660d..b74d122f4 100644
--- a/lib/config/environment.js
+++ b/lib/config/environment.js
@@ -31,6 +31,7 @@ module.exports = {
   allowOrigin: toArrayConfig(process.env.CMD_ALLOW_ORIGIN),
   allowAnonymous: toBooleanConfig(process.env.CMD_ALLOW_ANONYMOUS),
   allowAnonymousEdits: toBooleanConfig(process.env.CMD_ALLOW_ANONYMOUS_EDITS),
+  allowAnonymousUploads: toBooleanConfig(process.env.CMD_ALLOW_ANONYMOUS_UPLOADS),
   allowFreeURL: toBooleanConfig(process.env.CMD_ALLOW_FREEURL),
   requireFreeURLAuthentication: toBooleanConfig(process.env.CMD_REQUIRE_FREEURL_AUTHENTICATION),
   disableNoteCreation: toBooleanConfig(process.env.CMD_DISABLE_NOTE_CREATION),
diff --git a/lib/config/hackmdEnvironment.js b/lib/config/hackmdEnvironment.js
index c40ffc961..20c2da83b 100644
--- a/lib/config/hackmdEnvironment.js
+++ b/lib/config/hackmdEnvironment.js
@@ -22,6 +22,7 @@ module.exports = {
   allowOrigin: toArrayConfig(process.env.HMD_ALLOW_ORIGIN),
   allowAnonymous: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS),
   allowAnonymousEdits: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS_EDITS),
+  allowAnonymousUploads: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS_UPLOADS),
   allowFreeURL: toBooleanConfig(process.env.HMD_ALLOW_FREEURL),
   defaultPermission: process.env.HMD_DEFAULT_PERMISSION,
   dbURL: process.env.HMD_DB_URL,
diff --git a/lib/web/imageRouter/index.js b/lib/web/imageRouter/index.js
index d9964827b..7321bc805 100644
--- a/lib/web/imageRouter/index.js
+++ b/lib/web/imageRouter/index.js
@@ -59,8 +59,7 @@ async function checkUploadType (filePath) {
 imageRouter.post('/uploadimage', function (req, res) {
   if (
     !req.isAuthenticated() &&
-    !config.allowAnonymous &&
-    !config.allowAnonymousEdits
+    !config.allowAnonymousUploads
   ) {
     logger.error(
       'Image upload error: Anonymous edits and therefore uploads are not allowed'