Chances are when interacting with WordPress you may have tried upload a file to your WordPress site and encountered a “Sorry This File Type Is Not Permitted for Security Reasons” error.
This error is in most cases replicable when you try to upload a file to the WordPress media library. It can be quite annoying and frustrating to figure out that a file that you are trying to upload would pose a security issue to your website.
Within this article, we will look into what causes this error as well as how to go about fixing the error within your WordPress site.
Table Of Contents
Reasons for the “Sorry This File Type Is Not Permitted for Security Reasons” error
How to Fix the “Sorry, this file type is not permitted for security reasons” Error
- Counter-Check The File Type Extension
- Altering Network Settings For Multisites
- Editing the wp-config.php file
- Editing the functions.php file
- Adding Support For More File Types Using a Plugin
Reasons for the “Sorry This File Type Is Not Permitted for Security Reasons” error
By default, WordPress only allows you to upload files of a specific file format. It stores a list of allowed MIME types within the functions.php file in the wp-includes directory. If you hence try uploading a file in a format that is not supported, then the error is triggered and you will not be in a position to upload the file to your website. This is the core reason why this error is generated.
Here is an example illustration upon trying to upload an svg file.
Amongst the file types that WordPress supports are as tabulated below:
Images | .jpg .png .jpeg .ico .gif |
Video | .mp4, .m4v (MPEG-4) .mov (QuickTime) .3gp (3GPP) .3g2 (3GPP2) .wmv (Windows Media Video) .ogv (Ogg) .mpg .avi |
Audio | .wav .mp3 .ogg .m4a |
Documents | .doc, .docx .odt .ppt, .pptx, .pps, .ppsx .psd .xls, .xlsx |
At times, you may however want to upload a file type that is not listed above for various reasons. In the sections below, we will look into what you can do in such cases, so as to prevent this error.
How to Fix the “Sorry, this file type is not permitted for security reasons” Error
There are a number of ways to go about fixing the “Sorry, this file type is not permitted for security reasons” error. We will look into some of the ways within this section.
Counter-Check The File Type Extension
Upon trying to upload a file and you encounter the error, one of the first checks that you would need to carry out is check whether the file type extension is actually correct. This is because at times when saving a file, you may have mistyped the file extension, thereby making it unrecognizable by WordPress. This in turn results to the error during file upload.
Altering Network Settings For Multisites
In cases whereby you are developing your site in a multisite network setup, you can add a file type that is by default not allowed in WordPress. This implementation can be achieved by carrying out the following:
i) Access the Network admin account WordPress dashboard
ii) Navigate to the Settings > Network Settings section within your WordPress dashboard
iii) Scroll down to the “Upload Settings” section and within the “Upload file types” field, add to the list the additional file formats that you wish to include:
iv) Save your changes
Once the above is carried out, you will now be in a position upload your file in the specific file type. It is however important to note that this method is only applicable to multi-sites.
This makes it easy for your users to allow uploads of various file types without any code changes or the need of a plugin.
Editing the wp-config.php file
WordPress does also provide a way for you to allow all file type uploads within your website. This can be actualized by editing the wp-config.php file and adding a one-line code to the file.
The wp-config.php file is located within the root of the WordPress files, alongside directories such as wp-content, wp-admin and wp-includes. It contains your websites’ configuration details such as database information.
In order to edit the file a number of approaches can be taken into consideration. These Include:
1) Editing the file via FTP
2) Editing the file via cPanel or else your hosting panel
3) Editing the file using the Wp File Manager plugin
In our case here, we will use the third approach (using the Wp File Manager plugin) for illustration purposes.
To begin with, you will need to carry out the following:
i) Navigate to the plugins > Add New section within your WordPress dashboard
ii) Search for the plugin ‘Wp File Manager’
iii) Proceed to installing and activating the plugin
iv) Navigate to the Wp File Manager section within the backend
v) From the root files rendered, select to edit the wp-config.php file
vi) Within the file, search for the following line:
/* That's all, stop editing! Happy publishing. */
vii) Just before the above line, add the code snippet below:
define('ALLOW_UNFILTERED_UPLOADS', true);
Below is sample screenshot on this:
viii) Save your changes
Once the above is carried out, log out of your site and log in back once again. You should now be in a position to upload your desired file type with no issue.
Editing the functions.php file
This method enables you to define the file types that you wish to allow. It is a more secure approach as it provides a limitation on the file types that can be uploaded.
In this approach, you will need to edit the functions.php file within your theme. Editing of the file can be carried out either from the WordPress editor, via FTP, cPanel or using the Wp File Manager plugin. As for our case here, we will use the Wp File Manager plugin option as we had already installed it.
Within the WordPress dashboard, access the Wp File Manager section and navigate to the Wp-content > themes directory path as illustrated below:
Next, open the theme folder you are using from the list on the right pane.
Select to edit the functions.php file within the theme as illustrated below:
At the end of the file, add the following code:
function additional_mime_types( $mimes ) {
//Add your desired mime types here
$mimes['gpx'] = 'application/gpsxml';
$mimes['doc'] = 'application/msword';
return $mimes;
}
add_filter( 'upload_mimes', 'additional_mime_types' );
Next, save your changes.
Upon carrying out the above, you should be in a position to upload files of type .doc and .gpx. You can also customize the code and add more file types to the list.
Adding Support For More File Types Using a Plugin
In a case where you would not wish to carry out site file edits or you are not in a capacity to do so, you can opt to use a plugin to add extra file types support. Some of the plugins that you can use include:
- WP Extra File Types plugin
- WP Add Mime Types plugin
- Mime Types Plus plugin
In our case here, we will consider using the WP Extra File Types plugin. In order to utilize the plugin, you will need to:
i) Navigate to the Plugins > Add New section within the WordPress dashboard and search for “WP Extra File Types”
ii) Install and Activate the plugin
iii) Navigate to the Settings > Extra File Types section
iv) From the File types listed, select the file type(s) that you would wish to have added
If the file type that you wish to add is not within the list, you can add the file type within the “Add your custom file types” section below the list:
Once this is done, save your changes. You should now be in a position to upload your desired file type.
Conclusion
The “Sorry This File Type Is Not Permitted for Security Reasons” error can lead to setbacks for users trying to upload files to their WordPress site. WordPress however integrates this restriction for security purposes.
Within this article, we have looked into the various approaches that you can use to fix the error within your site. It is however important to exercise some caution on the file types that you permit. Using an approach whereby you are in position to have in place such restrictions would hence be more appropriate.
Since website security is also key, it is crucial to have a security plugin installed within your site and also carry out regular scans on your site. This will enable you to easily identify malicious files within your website. Here is an article on some of the security plugins that you can consider.
We do hope that this article was insightful enough to enable you in resolving the “Sorry This File Type Is Not Permitted for Security Reasons” error. Please feel free to utilize the comments section down below in case of any comments or questions.
No Comments
Leave a comment Cancel