How to Fix “Sorry, This File Type Is Not Permitted for Security Reasons” WordPress Error

How to Fix “Sorry, This File Type Is Not Permitted for Security Reasons” WordPress Error

When uploading a file to your WordPress media library, you might encounter the “Sorry, this file type is not permitted for security reasons” error.

Even though this is a common error message, receiving it can be frustrating – especially if you’re sure that the file you’re trying to upload is not a threat to your WordPress site security.

Fortunately, the “Sorry, this file type is not permitted for security reasons” error is solvable. This article will explain why this error message appears and how to fix it in five different ways.

Why Does The “Sorry, This File Type Is Not Permitted for Security Reasons” Error Occur?

WordPress permits users to upload images, documents, audio, and video in these popular file types:

  • Images: .jpeg, .jpg, .png, .gif, .ico
  • Documents: .pdf, .doc, .docx, .ppt, .pptx, .pps, .ppsx, .odt, .xls, .xlsx, .psd
  • Audio: .mp3, .m4a, .ogg, .wav
  • Video: .mp4, .m4v, .mov, .wmv, .avi, .mpg, .ogv, .3gp, .3g2

Any file outside the permitted file types can’t be uploaded to the media library by default. You will get the “Sorry, this file type is not permitted for security reasons” error in WordPress when you try to upload them.

For example, you can’t upload a .epub or a .woff file without making some configurations first.

Screenshot of WordPress dashboard showing "this file type is not permitted for security reasons" error.

Only allowing certain file types minimizes the risks of a security breach due to potentially malicious files.

If you’re not careful, such dangerous files can make their way into your WordPress site – whether accidentally or purposefully – and expose your site’s vulnerabilities. This can damage your site or give hackers access to your sensitive data.

Fixing “Sorry, This File Type Is Not Permitted for Security Reasons” Error

Although WordPress’ reason behind limiting file types is well-intentioned, it poses a problem for users who want to share specific files on their website.

In this section, we’ll explain five different ways to fix the “Sorry, this file type is not permitted for security reasons” error in WordPress.

1. Double-Checking the File Type

In some cases, the file you want to upload falls within WordPress’ list of permitted file types, yet you still get the “Sorry, this file type is not permitted for security reasons” error.

It’s possible that the file name extension was misspelled or accidentally changed, making the file unrecognizable to WordPress. So before trying any other method, make sure that the file extension is correct.

Window showing an incorrect file name extension - .jpq instead of .jpg.

If you’re using Windows, go to the location of your file on Windows Explorer. From the menu, select the View tab and check File name extensions.

Now you can view and edit the extension of all files. For example, if you notice that the file’s extension is misspelled, right-click on the file and Rename it to the correct one.

Window showing the picture after its  file name extension has been fixed.

The process is similar if you’re using a Mac – you’ll need to head to Finder -> Preferences -> Advanced and enable Show all filename extensions.

If the file type is permitted by WordPress, re-uploading it with the correct extension should solve the “Sorry, this file type is not permitted for security reasons” error message. However, if the file extension is correctly spelled and isn’t permitted by WordPress, try the other methods.

2. Using a WordPress Plugin

WordPress has plenty of plugins that can help you upload unsupported file types. These plugins let you enable many Multipurpose Internet Mail Extensions (MIME) types disabled by the media library.

This step-by-step tutorial will show you how to fix the “Sorry, this file type is not permitted for security reasons” error using the free plugin WP Add Mime Types.

  1. From the WordPress admin area, install and activate the plugin.
  2. Navigate to Settings -> Mime Type Settings.
  3. In the Add Values section, enter the correct MIME type value for the file you want to add. For example, if you’re going to upload a .woff file, enter woff = application/x-font-woff. To add multiple MIME file types, separate each value with Enter.
WordPress dashboard screenshot showing how to add multiple MIME file types in the Add Values section.
  1. Click Save. If the process is successful, the new MIME type should appear in the permitted list, and you’ll be able to re-upload the file with no issue.
Screenshot of WordPress dashboard showing that the media file was uploaded successfully.

3. Editing wp-config.php File

Editing your site’s wp-config.php file can allow you to upload all file types to the media library, including unsupported ones. However, keep in mind that this method will make your WordPress website less secure.

We advise you to revert any changes made once you have uploaded the unsupported file.

Also, because you’ll be editing a system file, make sure to create a backup of your site before proceeding in case something goes wrong.

  1. Access your WordPress installation directory via an FTP client or File Manager. If you use Hostinger, open hPanel and navigate to Files -> File Manager.
Screenshot of hPanel showing where to find the File Manager.
  1. Open the public_html folder and open the wp-config.php file.
Screenshot of the File Manager showing where to find public_html and wp-config.php files.
  1. Paste the following code snippet above the line that says That’s all, stop editing! Happy publishing. Then, Save your changes.

define(‘ALLOW_UNFILTERED_UPLOADS’, true);

Screenshot of wp-config.php file showing where to paste the code.

4. Editing the Theme’s functions.php File

If the wp-config.php file method feels too risky, adding the upload_mimes filter to your theme’s functions.php file might be a better alternative. This method enables certain file types individually instead of all of them simultaneously. Upon backing up your site, follow these steps:

  1. Access your WordPress installation directory via an FTP client or File Manager.
  2. Navigate to wp-content -> themes, access your current theme’s folder and open the functions.php file.
Screenshot of the File Manager showing where to find the functions.php file.
  1. Paste the following syntax in the file. Feel free to add your desired MIME types under the // Add new MIME types here line. Save the changes.

function my_custom_mime_types( $mimes ) {
// Add new MIME types here
$mimes[‘gpx’] = ‘text/gpsxml’;
return $mimes;
}

Screenshot of the functions.php file showing where to paste the syntax.

Keep in mind that different operating systems use different versions of a similar file type, making their MIME values equally different.

For example, .gpx files on Windows are .gpsxml on macOS. So, instead of $mimes[‘gpx’] = ‘text/gpsxml’; add $mimes[‘gpx’] = ‘application/gpsxml’; on macOS.

5. Contacting Your Hosting Provider

Sometimes WordPress isn’t the only thing stopping you from uploading specific files. Several hosting providers enact file type restrictions to ensure security.

So, if none of the methods we have offered are working, contact your hosting provider’s support team and ask them to fix the issue.

If you use Hostinger, feel free to contact our customer success team via live chat. Open hPanel and go to Help -> Contact us.

Screenshot of Hostinger's hPanel showing how to contact the customer success team.

A live chat window will appear. Send a message, and you will soon be in touch with one of our customer success agents.

Additional MIME WordPress Plugins

In addition to WP Add Mime Types, other plugin alternatives will help you resolve the “Sorry, this file type is not permitted for security reasons” error message as it lets you upload unsupported MIME file types to WordPress.

However, you should only install one MIME plugin at a time to avoid conflicting errors.

1. Media Library Assistant

Media Library Assistant logo.

Plugin Stats:

  • Downloads: 70,000+
  • Rating: 5/5
  • Notable features: MIME types management, attachment metadata custom fields, enhanced search media box.
  • Best suited for: people looking for a highly customizable media library plugin.
  • Price: free

Media Library Assistant is a customizable plugin that adds a ton of features to the media library. These include managing MIME types, adding custom fields for attachment metadata, and adding specific filters to media library searches.

To add unpermitted file types, enable the MIME types present in the plugin’s settings or add custom ones.

The significant advantage of this plugin is its extensive customization options. Users can set the interface and functionality of the WordPress media library to their preference.

While the abundance of options can be overwhelming for some, if customization is essential, this plugin is an excellent choice.

DOWNLOAD

2. Enhanced Media Library

Enhanced Media Library logo.

Plugin Stats:

  • Downloads: 100,000+
  • Rating: 4.5/5
  • Notable features: MIME types, image size, and image taxonomies management
  • Best suited for: people looking for a media library plugin with a simple interface
  • Price: freemium

Enhanced Media Library is an easy-to-use plugin to add and edit MIME types, adjust image sizes, and manage image taxonomies in your media library.

To add MIME types, simply go to the plugin’s settings and check Allow Upload next to the MIME types you want to enable in the media library. If the MIME type you want doesn’t appear in the list, feel free to add custom ones, too.

Suppose you want more features like unlimited media categories/tags and advanced media library search filters. In that case, there’s a premium version of the plugin that costs $25 for a lifetime license and supports WordPress multisite.

DOWNLOAD

3. File Upload Types

File Upload Types logo.

Plugin Stats:

  • Downloads: 8,000+
  • Rating: 5/5
  • Notable features: MIME types management
  • Best suited for: those looking for a plugin for MIME types management only
  • Price: free

File Upload Types is a plugin for enabling file types outside of WordPress’s whitelist. Even though it lacks additional features, it’s sufficient for those that only want to manage allowed MIME types on their WordPress media library.

Upon installation and activation, allow a particular file type to navigate the plugins’ settings and check the box next to a file type table. If you can’t find the file type you’re looking for, add a custom file type in the provided fields.

DOWNLOAD

Conclusion

The “Sorry, this file type is not permitted for security reasons” error message will appear if you try to upload file types that WordPress doesn’t permit by default.

Even though this is a well-meaning restriction, it makes it a problem for users who want to share the files they want.

In this guide, we’ve explained five different workarounds for this error:

  1. Double-checking the file type
  2. Using a WordPress plugin
  3. Editing wp-config.php file
  4. Editing the theme’s functions.php file
  5. Contacting your hosting provider

No matter which method you choose, we hope that this article helped you resolve the “Sorry, this file type is not permitted for security reasons” error message in WordPress.

Author
The author

Hasna

Hasna is a content writer at Hostinger. She's passionate about tech, digital media, and sharing her knowledge with others. In her free time, she likes to lose herself in fictional worlds.