[FIX] Sorry, This File Type Is Not Permitted for Security Reasons (WordPress)

Are you trying to upload a file to your WordPress Media Library, and you get a message saying, "Sorry, this file type is not permitted for security reasons" and/or "[filename] has failed to upload."

That's incredibly frustrating, but it is a very simple fix. We will guide you step-by-step in this article.

WordPress, as the message implies, restricts the types of files you can upload to your site for security reasons. However, you can manually expand the list of allowed file types by adding a small code snippet to your site's wp-config.php file or by using a free plugin.

What Causes the Message "Sorry, this file type is not permitted for security reasons"?

As previously stated, the default configuration of WordPress restricts the types of files that you can upload to your site for security reasons.

When you try to upload a file type that WordPress does not support by default, you receive the “Sorry, This File Type Is Not Permitted for Security Reasons” error message.

For security reasons, because certain files can cause hacks or other problems, WordPress restricts the file types you can upload through your site's admin to images, videos, documents, and audio.

You can upload the following file types by default:

Image files allowed:

• .jpg,
• .jpeg,
• .png,
• .gif,
• and.ico

Videos include the following:

• .mp4
• .m4v
• .mov
• .wmv
• .avi
• .mpg
• .ogv
• .3gp
• .3g2

Document file types allowed:

• .pdf
• .doc
• .ppt
• .pptx
• .pps
• .ppsx
• .odt
• .xls
• .xlsx
• .psd

Audio files permitted:

• .mp3,
• .m4a,
• .ogg,
• and.wav

Anything else not in the above list is NOT allowed.

If you try to upload a file type that isn't on the list above, you'll probably get the "Sorry, this file type is not permitted for security reasons" error. You may also see the message "[filename] failed to upload."

For example, if you want to use your own custom fonts on your WordPress site, you could try uploading a custom font file to WordPress in the .tff and/or .woff formats. Because those formats are not supported by WordPress by default, you will see the “Sorry, this file type is not permitted for security reasons” error instead of being able to upload them.

Here's an example of a .ttf file that we attempted to upload to our test site:

How to Fix the “Sorry, this file type is not permitted for security reasons” WordPress Error

We'll show you how to fix the "Sorry, this file type is not permitted for security reasons" error in WordPress in two ways below:

1. By modifying the wp-config file
2. Using a free WordPress plugin (WP Extra File Types)

1. Add New Allowed File Types Using the wp-config.php file

WordPress includes an ALLOW_UNFILTERED_UPLOADS setting that you can enable in the wp-config.php file of your site. You'll be able to upload any file type to your WordPress Media Library once you enable it.

Be careful when you enable this, especially if there are other people who work on the site. Or do this temporarily and then remove the setting again. 

Here's how to do it. Because you'll be editing your wp-config.php file (which can break your site if you make a mistake), we recommend backing up your site first.

To begin, connect to your WordPress site using FTP/SFTP. The wp-config.php file on your site is located in the root folder, which also contains the wp-admin and wp-includes folders.

To edit the file or download it to your computer, right-click it and select Save Target As, or use the edit function of the FTP client. 

NOTE: You can do this also using your hosting's File Manager (using CPanel or otherwise) or using a File Manager plugin, if you have one installed.

Then, in the wp-config.php file, add the following code snippet above the /* That's all, stop editing! */ line:

define('ALLOW_UNFILTERED_UPLOADS', true);

Save your changes and re-upload the file if necessary.

To complete the process, go to your WordPress dashboard and log out of your WordPress account. You can then immediately log back in.

After logging out/in, you should be able to upload any file without receiving the error message.

2. Install and activate the free WP Extra File Types Plugin

If you don't want to edit your wp-config.php file and/or want more control over which file types can be uploaded to your site, you can install the free WP Extra File Types plugin from WordPress.org.

After you've installed and activated the plugin, navigate to the Settings > Extra File Types section of your WordPress dashboard.

There is a long list of file types there. Check the box next to the file type(s) you want to be able to upload, then click the Save Changes button at the bottom:

If the file type you want to upload isn't on the list, you can add your own custom file types at the bottom of the plugin's settings page:

Other Plugins

There may be better alternative plugins to enable specific file types in some cases such as WebP or SVG (e.g. Safe SVG plugin).

Recommended Reading:

[FIX] Briefly unavailable for scheduled maintenance. Check back in a minute

[FIX] The Link You Followed Has Expired in WordPress (3 Ways)

[Fix] The Uploaded File Exceeds The upload_max_filesize Directive in Php.ini [4 Proven Ways]

[How to] Fix the Err_Cache_Miss Error in Google Chrome

Wrapping Up

By default, WordPress restricts the file types that you can upload to your site. This is done for security reasons. If you try to upload a file type that is not on the list of default file types, you will receive the message "Sorry, this file type is not permitted for security reasons."

To allow unfiltered uploads, you can edit your wp-config.php file and add the ALLOW_UNFILTERED_UPLOADS code snippet. You can also control allowed file types from your WordPress dashboard by using the free WP Extra File Types plugin.

About the Author

Author: Shahzad SaeedWebsite: http://shahzadsaeed.com/Email: shahzad@collectiveray.com

Shahzaad Saaed has been featured in a large number of authority websites, as a WordPress expert. He specializes in content marketing to help business grow their traffic.