How to Fix “Sorry, This File Type Is Not Permitted for Security Reasons” WordPress Error
When uploading a file to your WordPress media library, you might encounter the “Sorry, this file type is not permitted for security reasons” error.
Even though this is a common error message, receiving it can be frustrating – especially if you’re sure that the file you’re trying to upload is not a threat to your WordPress site security.
Download Ultimate WordPress Cheat Sheet
Fortunately, the “Sorry, this file type is not permitted for security reasons” error is solvable. This article will explain why this error message appears and how to fix it in five different ways.
Why Does The “Sorry, This File Type Is Not Permitted for Security Reasons” Error Occur?
WordPress permits users to upload images, documents, audio, and video in these popular file types:
- Images: .jpeg, .jpg, .png, .gif, .ico
- Documents: .pdf, .doc, .docx, .ppt, .pptx, .pps, .ppsx, .odt, .xls, .xlsx, .psd
- Audio: .mp3, .m4a, .ogg, .wav
- Video: .mp4, .m4v, .mov, .wmv, .avi, .mpg, .ogv, .3gp, .3g2
Any file outside the permitted file types can’t be uploaded to the media library by default. You will get the “Sorry, this file type is not permitted for security reasons” error in WordPress when you try to upload them.
For example, you can’t upload a .epub or a .woff file without making some configurations first.
Only allowing certain file types minimizes the risks of a security breach due to potentially malicious files.
If you’re not careful, such dangerous files can make their way into your WordPress site – whether accidentally or purposefully – and expose your site’s vulnerabilities. This can damage your site or give hackers access to your sensitive data.
Fixing “Sorry, This File Type Is Not Permitted for Security Reasons” Error
Although WordPress’ reason behind limiting file types is well-intentioned, it poses a problem for users who want to share specific files on their website.
In this section, we’ll explain five different ways to fix the “Sorry, this file type is not permitted for security reasons” error in WordPress.
1. Double-Checking the File Type
In some cases, the file you want to upload falls within WordPress’ list of permitted file types, yet you still get the “Sorry, this file type is not permitted for security reasons” error.
It’s possible that the file name extension was misspelled or accidentally changed, making the file unrecognizable to WordPress. So before trying any other method, make sure that the file extension is correct.
If you’re using Windows, go to the location of your file on Windows Explorer. From the menu, select the View tab and check File name extensions.
Now you can view and edit the extension of all files. For example, if you notice that the file’s extension is misspelled, right-click on the file and Rename it to the correct one.
The process is similar if you’re using a Mac – you’ll need to head to Finder -> Preferences -> Advanced and enable Show all filename extensions.
If the file type is permitted by WordPress, re-uploading it with the correct extension should solve the “Sorry, this file type is not permitted for security reasons” error message. However, if the file extension is correctly spelled and isn’t permitted by WordPress, try the other methods.
2. Using a WordPress Plugin
WordPress has plenty of WordPress plugins that can help you upload unsupported file types. These plugins let you enable many Multipurpose Internet Mail Extensions (MIME) types disabled by the media library.
This step-by-step tutorial will show you how to fix the “Sorry, this file type is not permitted for security reasons” error using the free plugin WP Add Mime Types.
- From the WordPress admin area, install the plugin and activate it.
- Navigate to Settings -> Mime Type Settings.
- In the Add Values section, enter the correct MIME type value for the file you want to add. For example, if you’re going to upload a .woff file, enter
woff = application/x-font-woff
. To add multiple MIME file types, separate each value with Enter.
- Click Save. If the process is successful, the new MIME type should appear in the permitted list, and you’ll be able to re-upload the file with no issue.
3. Editing wp-config.php File
Editing your site’s wp-config.php file can allow you to upload all file types to the media library, including unsupported ones. However, keep in mind that this method will make your WordPress website less secure.
We advise you to revert any changes made once you have uploaded the unsupported file.
Also, because you’ll be editing a system file, make sure to create a backup of your site before proceeding in case something goes wrong.
- Access your WordPress installation directory via an FTP client or File Manager. If you use Hostinger, open hPanel and navigate to Files -> File Manager.
- Open the public_html folder and open the wp-config.php file.
- Paste the following code snippet above the line that says That’s all, stop editing! Happy publishing. Then, Save your changes.
define('ALLOW_UNFILTERED_UPLOADS', true);
4. Editing the Theme’s functions.php File
If the wp-config.php file method feels too risky, adding the upload_mimes filter to your theme’s functions.php file might be a better alternative. This method enables certain file types individually instead of all of them simultaneously. Upon backing up your site, follow these steps:
- Access your WordPress installation directory via an FTP client or File Manager.
- Navigate to wp-content -> themes, access your current theme’s folder and open the functions.php file.
- Paste the following syntax in the file. Feel free to add your desired MIME types under the // Add new MIME types here line. Save the changes.
function my_custom_mime_types( $mimes ) {
// Add new MIME types here
$mimes[‘gpx’] = ‘text/gpsxml’;
return $mimes;
}
Keep in mind that different operating systems use different versions of a similar file type, making their MIME values equally different.
For example, .gpx files on Windows are .gpsxml on macOS. So, instead of $mimes[‘gpx’] = ‘text/gpsxml’;
add $mimes[‘gpx’] = ‘application/gpsxml’;
on macOS.
5. Contacting Your Hosting Provider
Sometimes WordPress isn’t the only thing stopping you from uploading specific files. Several hosting providers enact file type restrictions to ensure security.
So, if none of the methods we have offered are working, contact your hosting provider’s support team and ask them to fix the issue.
If you use Hostinger, feel free to contact our customer success team via live chat. Open hPanel and go to Help -> Contact us.
A live chat window will appear. Send a message, and you will soon be in touch with one of our customer success agents.
Additional MIME WordPress Plugins
In addition to WP Add Mime Types, other plugin alternatives will help you resolve the “Sorry, this file type is not permitted for security reasons” error message as it lets you upload unsupported MIME file types to WordPress.
However, you should only install one MIME plugin at a time to avoid conflicting errors.
1. Media Library Assistant
Plugin Stats:
- Downloads: 70,000+
- Rating: 5/5
- Notable features: MIME types management, attachment metadata custom fields, enhanced search media box.
- Best suited for: people looking for a highly customizable media library plugin.
- Price: free
Media Library Assistant is a customizable plugin that adds a ton of features to the media library. These include managing MIME types, adding custom fields for attachment metadata, and adding specific filters to media library searches.
To add unpermitted file types, enable the MIME types present in the plugin’s settings or add custom ones.
The significant advantage of this plugin is its extensive customization options. Users can set the interface and functionality of the WordPress media library to their preference.
While the abundance of options can be overwhelming for some, if customization is essential, this plugin is an excellent choice.
2. Enhanced Media Library
Plugin Stats:
- Downloads: 100,000+
- Rating: 4.5/5
- Notable features: MIME types, image size, and image taxonomies management
- Best suited for: people looking for a media library plugin with a simple interface
- Price: freemium
Enhanced Media Library is an easy-to-use plugin to add and edit MIME types, adjust image sizes, and manage image taxonomies in your media library.
To add MIME types, simply go to the plugin’s settings and check Allow Upload next to the MIME types you want to enable in the media library. If the MIME type you want doesn’t appear in the list, feel free to add custom ones, too.
Suppose you want more features like unlimited media categories/tags and advanced media library search filters. In that case, there’s a premium version of the plugin that costs $25 for a lifetime license and supports WordPress multisite.
3. File Upload Types
Plugin Stats:
- Downloads: 8,000+
- Rating: 5/5
- Notable features: MIME types management
- Best suited for: those looking for a plugin for MIME types management only
- Price: free
File Upload Types is a plugin for enabling file types outside of WordPress’s whitelist. Even though it lacks additional features, it’s sufficient for those that only want to manage allowed MIME types on their WordPress media library.
Upon installation and activation, allow a particular file type to navigate the plugins’ settings and check the box next to a file type table. If you can’t find the file type you’re looking for, add a custom file type in the provided fields.
Conclusion
The “Sorry, this file type is not permitted for security reasons” error message will appear if you try to upload file types that WordPress doesn’t permit by default.
Even though this is a well-meaning restriction, it makes it a problem for users who want to share the files they want.
In this guide, we’ve explained five different workarounds for this error:
- Double-checking the file type
- Using a WordPress plugin
- Editing wp-config.php file
- Editing the theme’s functions.php file
- Contacting your hosting provider
No matter which method you choose, we hope that this article helped you resolve the “Sorry, this file type is not permitted for security reasons” error message in WordPress.
Suggested Reading
Check out the following tutorials to find out how to deal with other WordPress errors.
How to Debug WordPress
How to Fix 500 Internal Server Error
How to Fix WordPress White Screen of Death
How to Fix WordPress Not Sending Emails
How to Fix WordPress Broken Permalinks
How to Fix WordPress Missed Schedule
Comments
July 10 2017
If you use the Wordpress plugin "WP Add Mime Types", please set the value below. abw = application/x-abiword The left value is a file extension value.
November 13 2017
As per this thread on the WordPress forums, the 'Allow unfiltered uploads' is a horrible idea because it creates a huge security problem. Just so you know.
March 11 2020
Hi Good evening: Ihave this issue but only when i upload a file using the Block editor in WP 5.3.2. Instead, if I upload via media library Idont have issues. Could you give me an idea to fix my problem? Thanks you very much Regards from Mexico
March 12 2020
Hi Alberto, Have you tried disabling your plugins to see if the issue is there? Possibly the Enhanced Media Library plugin? If so, you can try installing the classic editor plugin to rollback to the previous editor (https://wordpress.org/plugins/classic-editor/) Good Luck! :)