Fix WordPress Error – Sorry, This File Type Is Not Permitted For Security Reasons
When attempting to upload files to your website via the admin dashboard, WordPress displays the error message “Apologies, this file type is not allowed for security reasons.” This restriction exists to prevent users from uploading executable files to their websites. WordPress only permits the upload of the following file types. If you try to upload any other file types, you will receive the error message “Apologies, this file type is not allowed for security reasons”.
.pdf (Portable Document Format; Adobe Acrobat)
.doc, .docx (Microsoft Word Document)
.ppt, .pptx, .pps, .ppsx (Microsoft PowerPoint Presentation)
.odt (OpenDocument Text Document)
.xls, .xlsx (Microsoft Excel Document)
.mp4, .m4v (MPEG-4)
.wmv (Windows Media Video)
There are several solutions for resolving this security concern. In this section, I will explain each method to rectify the issue.
If you are using WordPress Multisite, you can easily fix this security concern. You can add the desired file type to the “Add file types” option in the WordPress Multisite settings in the network admin area. Please navigate to Network Admin Area >>> Settings >>> Add Settings and enter the required file types. Ensure that the file types are separated by spaces, not commas.
Sometimes, this security concern can be caused by active plugins on your website. You need to deactivate plugins in bulk and then try uploading files. If you are able to upload files now, then one or more of your plugins are causing the issue. Try activating plugins one by one and observe if the error message reoccurs. If the same error message appears, you can confirm that the last activated plugin is the culprit. Please refer to our Knowledge Base for instructions on how to activate/deactivate WordPress plugins.
You can also install and configure any of the following WordPress plugins to enable the upload of specific file types.
1) WP Add Mime Types
2) Mime Types Extended
3) Unsafe Mime Types
4) Mime Types Plus
Allow All File Types
You can also set up WordPress to allow the upload of all file types. This can be done by using the WordPress constant “ALLOW_UNFILTERED_UPLOADS”. Set the WordPress constant “ALLOW_UNFILTERED_UPLOADS” to “true” in the wp-config.php file of your WordPress installation. The wp-config.php file can be found in the root directory of your WordPress installation. Open the wp-config.php file using your preferred editor (e.g. vi editor) and add the following line somewhere in the file. You can also use File Manager to edit the WordPress configuration file.
Don’t forget to save the config file after making the modification.
Allow Specific File Types
If you only want to allow certain file types to be uploaded, add the following code to the functions.php file of your current WordPress theme. You can find the functions.php file at the following location: /path/to/Wordpress-root-install/wp-contents/themes/current-theme/functions.php. Use your preferred editor or File Manager to add this code.
function enable_extended_upload ( $mime_types =array() )
// The MIME types listed here will be allowed in the media library.
// You can add as many MIME types as you want.
$mime_types[‘gz’] = ‘application/x-gzip’;
$mime_types[‘zip’] = ‘application/zip’;
$mime_types[‘rtf’] = ‘application/rtf’;
$mime_types[‘ppt’] = ‘application/mspowerpoint’;
$mime_types[‘ps’] = ‘application/postscript’;
$mime_types[‘flv’] = ‘video/x-flv’;
// If you want to forbid specific file types that are otherwise allowed,
// specify them here. You can add as many as possible.
unset( $mime_types[‘exe’] );
unset( $mime_types[‘bin’] );
Please replace the above code with the required file types that you wish to allow for uploads.
I hope this tutorial has assisted you in resolving this security concern.
If you require further assistance, please contact our support department.