Encountering the “Sorry, this file type is not permitted for security reasons” error while trying to upload a crucial file to your WordPress media library can be incredibly frustrating.
This issue typically arises due to file type restrictions set within WordPress settings to maintain website security. If you’ve faced this obstacle, you’re not alone, and there’s a clear path to resolve it.
In this guide, I’ll walk you through the steps to fix file type restrictions and modify your upload settings so that you can add the necessary file formats without compromising your site’s safety.
By the end of this article, you’ll understand how to configure MIME types, adjust permissions, and ensure seamless uploads. We’ll also delve into using plugins for enhanced security settings and exploring custom code adjustments for more advanced needs.
Why do I get the “Sorry, this file type is not permitted for security reasons” error?
There’s a simple reason you will get this error in WordPress: WordPress only accepts uploads of certain file types. The error shows up when you’re uploading a file type it doesn’t accept.
The reason it only accepts particular kinds of files is to stop people from putting up a potentially malicious executable file on their site.
Below you’ll find out the types of files (i.e. MIME types) that WordPress will accept. Uploading any other kind will result in the message, “Sorry, this file type is not permitted for security reasons.”
What exactly are MIME types?
MIME stands for Multipurpose Internet Mail Extensions. Also known as Media types, MIME types are used by browsers to figure out what kind of content is present on the webpage.
At a basic level, MIME types consist of a two-part naming convention which first specifies the file type (e.g. text or image) followed by the subtype (e.g. HTML or PNG, respectively). For example, text/html and image/png each represent a specific MIME type.
Thus, if you upload an MP3 file, the browser can tell through the MIME type that it’s an audio file and not a picture or other type of file.
According to the WordPress Codex, the file types you’re able to upload include:
Images
- .jpg
- .jpeg
- .png
- .gif
- .ico
Documents
- .doc, .docx
- .ppt, .pptx, .pps, .ppsx
- .odt
- .xls, .xlsx
- .psd
Audio
- .mp3
- .m4a
- .ogg
- .wav
Video
- .mp4, .m4v
- .mov
- .wmv
- .avi
- .mpg
- .ogv
- .3gp
- .3g2
The file you want to upload may be missing from the above list. That’s when you will receive the error message, “Sorry, this file type is not permitted for security reasons.”
Alternatively, you may see a different message —”[filename] has failed to upload” or “the media you tried to upload was invalid”. This can be frustrating as it doesn’t even give you a reason.
For example, you may try to upload a .tff or .woff file. These are files associated with custom fonts.These won’t upload because they aren’t on the list of file types that are allowed. That’s when you’ll get the “Sorry, this file type is not permitted for security reasons.”WordPress message.
How do I resolve the “Sorry, this file type is not permitted for security reasons” WordPress error?
1. Change the WordPress Multisite Settings
With just one installation of WordPress, WordPress Multisite lets you make multiple websites. These site sare joined by a network and can be changed all at once.
This can come in handy for many people. For example, maybe you have a chain of stores and you want a site for each location.Updating these sites simultaneously will save you a lot of time.
WordPress Multisite also lets you upload files you can’t usually upload to WordPress.
Simply click the following:
- Network Administration Area
- Settings
- Upload Settings
Then you can just add the file type you need. If you’re adding multiple types, put a space between with no comma.
2. Install a plugin that enables extra MIME types
If you want a quick and easy solution to this error, you have the option to install a MIME plugin designed to let you upload unpermitted file types.
Some plugins that will do the trick:
WP AddMime Types
Mime Types Plus
Unsafe Mime Types
Pro Mime Types
Mime Types Extended
3. Edit your wp-config.phpfile to allow unfiltered uploads
There’s a function you are able to activate in WordPress called ALLOW_UNFILTERED_UPLOADS. This can be activated in your site’s wp-config.php file. Then in the Media Library of your WordPress site,you’ll be able to upload any kind of file.
Setup:
- Make a backup copy of your site first, just in case
- Open up yourwp-config.php file
- Add the below code:
define('ALLOW_UNFILTERED_UPLOADS', true);
- This can be done anywhere before this line
- /* That's all, stop editing! Happy blogging. */
A note of caution — adding this function to your site will prevent all file type upload checks from taking place, leaving your website vulnerable to potentially malicious uploads. If you go this route, it is highly recommended to remove the function once you have uploaded your non-standard files.
4. Change the functions.php file of your theme
Changing your theme’s functions.php to allow custom MIME types can be a simple resolution, avoiding the need to play around in the wp-config.php file. Change which file types WordPress accepts by utilizing the upload_mimes filter.
Here are the steps:
- Using a file manager or FTP client, find the installation directory for WordPress (often public_html)
- Clickwp-content
- Click themes
- Click the folder of the theme you’re using
- Find and access the functions.php file
- Add the following:
function my_custom_mime_types( $mimes ) {
// Add new MIME types here
$mimes['abiword'] = 'application/x-abiword';
return $mimes;
}
add_filter( 'upload_mimes', 'my_custom_mime_types' );
- Save your changes!
You can remove or add any MIME types necessary to the $mimes array. Remember to add the extensions associated with these as well.
This method lets you define exactly which kind of MIME types you allow. This means types you don’t specify still won’t be allowed. This greater control minimizes the risk associated with allowing all file types.
5. Get in touch with your hosting provider
You may still be getting the “Sorry, this file type is not permitted for security reasons” error after trying all 4 tips above. In this rare case, perhaps you should contact your hosting provider. They may be able to offer further advice or resolve the issue for you.
Hosting providers sometimes limit the upload of file types for security reasons. If that’s what’s stopping your upload, they’ll be able to help.
FAQ on “Sorry, this file type is not permitted for security reasons”
Why am I seeing the “Sorry, this file type is not permitted for security reasons” error in WordPress?
This error occurs because WordPress settings have restrictions on file types for security purposes. Upload restrictions prevent potentially harmful files from being uploaded. Adjusting these settings or configuring MIME types can resolve this issue.
How do I add new file types to WordPress?
To add new file formats, modify your wp-config.php file or use a plugin like WP Extra File Types. This allows you to bypass file type restrictions and upload the necessary file extensions safely.
What plugins can help fix this file type error?
Plugins such as WP Extra File Types and File Upload Types by WPForms can help you manage file type permissions and adjust upload settings. These security plugins make it easier to handle unsupported file types.
Is it safe to enable all file types in WordPress?
Enabling all file types can pose security risks. It’s better to enable only the necessary file formats and ensure you have strong security protocols in place. Security plugins and careful file type configuration can help maintain a secure environment.
How do I configure MIME types for WordPress?
To configure MIME types, you can add code to your theme’s functions.php file or use plugins designed for file upload customization. This ensures WordPress recognizes and accepts the file extensions you need to upload.
Can I fix the file type error without using a plugin?
Yes, you can fix this error by editing the wp-config.php file or the theme’s functions.php file. Adding specific code snippets allows you to modify upload permissions and resolve file type restrictions without relying on plugins.
What are the security risks of allowing additional file types?
Allowing additional file formats can introduce vulnerabilities if not managed properly. Ensure you enable only trusted file extensions and use security plugins to monitor and protect against malicious uploads. Maintaining strict security protocols is crucial.
Why are certain file types restricted in WordPress?
WordPress restricts certain file types to prevent security threats. Some file formats can contain malware or malicious code. Upload restrictions and file security policies help protect your site from these risks, ensuring a safer website security.
How do I troubleshoot file upload issues in WordPress?
To troubleshoot file upload issues, check your upload settings, file type permissions, and plugin configurations. Ensure your WordPress dashboard is updated and review error logs for detailed information. Adjusting file type security settings often resolves common issues.
Can I use custom code to fix file type restrictions in WordPress?
Yes, you can use custom code to adjust file type permissions. Adding specific code to your functions.php file allows you to define new MIME types and bypass upload restrictions. This method requires some coding knowledge but is effective for managing file extensions.
Conclusion
In tackling the “Sorry, this file type is not permitted for security reasons” error, we’ve navigated the intricate world of WordPress settings and file type security policies. By understanding file format restrictions and implementing necessary adjustments, you can ensure smoother uploads while maintaining robust website security.
From modifying MIME types to utilizing security plugins like WP Extra File Types, we’ve explored multiple solutions to fix file type permissions. Remember, enabling only essential file formats is crucial to avoid potential vulnerabilities.
By now, you should be adept at handling upload restrictions and ready to make your WordPress media library more versatile. Whether you opt for custom code or plugin-based solutions, maintaining a balance between functionality and security is key.
If you enjoyed reading this article on how to fix “sorry, this file type is not permitted for security reasons”, you should check out this one about WordPress plugin update failed.
We also wrote about a few related subjects like how to fix the site is experiencing technical difficulties, how to fix installation failed, could not create directory, WordPress links not working, how to fix “your connection is not private” and the link you followed has expired.
