How to Fix “Sorry, this file type is not permitted for security reasons”

How to Fix “Sorry, this file type is not permitted for security reasons”

You may have experienced this frustration; you’re trying to upload a document to your WordPress library. Then a message flashes on the screen: “Sorry, this file type is not permitted for security reasons.”Luckily for you, there are multiple ways to resolve this problem and continue your work.

Keep reading in this article created by our team at wpDataTables, to discover why you’re getting this “Sorry, this file type is not permitted for security reasons” message and 5 methods on how to proceed. Then you will be able to go ahead and put your file on your WordPress website.

Why do I get the “Sorry, this file type is not permitted for security reasons” error?

There’s a simple reason you will get this error in WordPress: WordPress only accepts uploads of certain file types. The error shows up when you’re uploading a file type it doesn’t accept.

The reason it only accepts particular kinds of files is to stop people from putting up a potentially malicious executable file on their site.

Below you’ll find out the types of files (i.e. MIME types) that WordPress will accept. Uploading any other kind will result in the message, “Sorry, this file type is not permitted for security reasons.”

What exactly are MIME types?

MIME stands for Multipurpose Internet Mail Extensions. Also known as Media types, MIME types are used by browsers to figure out what kind of content is present on the webpage.

At a basic level, MIME types consist of a two-part naming convention which first specifies the file type (e.g. text or image) followed by the subtype (e.g. HTML or PNG, respectively). For example, text/html and image/png each represent a specific MIME type.

Thus, if you upload an MP3 file, the browser can tell through the MIME type that it’s an audio file and not a picture or other type of file.

According to the WordPress Codex, the file types you’re able to upload include:


  • .jpg
  • .jpeg
  • .png
  • .gif
  • .ico


  • .pdf
  • .doc, .docx
  • .ppt, .pptx, .pps, .ppsx
  • .odt
  • .xls, .xlsx
  • .psd


  • .mp3
  • .m4a
  • .ogg
  • .wav


  • .mp4, .m4v
  • .mov
  • .wmv
  • .avi
  • .mpg
  • .ogv
  • .3gp
  • .3g2

The file you want to upload may be missing from the above list. That’s when you will receive the error message, “Sorry, this file type is not permitted for security reasons.”

Alternatively, you may see a different message —”[filename] has failed to upload” or “the media you tried to upload was invalid”. This can be frustrating as it doesn’t even give you a reason.

For example, you may try to upload a .tff or .woff file. These are files associated with custom fonts.These won’t upload because they aren’t on the list of file types that are allowed. That’s when you’ll get the “Sorry, this file type is not permitted for security reasons.”WordPress message.

How do I resolve the “Sorry, this file type is not permitted for security reasons” WordPress error?

1. Change the WordPress Multisite Settings

With just one installation of WordPress, WordPress Multisite lets you make multiple websites. These site sare joined by a network and can be changed all at once.

This can come in handy for many people. For example, maybe you have a chain of stores and you want a site for each location.Updating these sites simultaneously will save you a lot of time.

WordPress Multisite also lets you upload files you can’t usually upload to WordPress.

Simply click the following:

  • Network Administration Area
  • Settings
  • Upload Settings

Then you can just add the file type you need. If you’re adding multiple types, put a space between with no comma.

2. Install a plugin that enables extra MIME types

If you want a quick and easy solution to this error, you have the option to install a MIME plugin designed to let you upload unpermitted file types.

Some plugins that will do the trick:

WP AddMime Types

Mime Types Plus

Unsafe Mime Types

Pro Mime Types

Mime Types Extended

3. Edit your wp-config.phpfile to allow unfiltered uploads

There’s a function you are able to activate in WordPress called ALLOW_UNFILTERED_UPLOADS. This can be activated in your site’s wp-config.php file. Then in the Media Library of your WordPress site,you’ll be able to upload any kind of file.


  • Make a backup copy of your site first, just in case
  • Open up yourwp-config.php file
  • Add the below code:
  • This can be done anywhere before this line
 - /* That's all, stop editing! Happy blogging. */

A note of caution — adding this function to your site will prevent all file type upload checks from taking place, leaving your website vulnerable to potentially malicious uploads. If you go this route, it is highly recommended to remove the function once you have uploaded your non-standard files.

4. Change the functions.php file of your theme

Changing your theme’s functions.php to allow custom MIME types can be a simple resolution, avoiding the need to play around in the wp-config.php file. Change which file types WordPress accepts by utilizing the upload_mimes filter.

Here are the steps:

  • Using a file manager or FTP client, find the installation directory for WordPress (often public_html)
  • Clickwp-content
  • Click themes
  • Click the folder of the theme you’re using
  • Find and access the functions.php file
  • Add the following:
function my_custom_mime_types( $mimes ) {

// Add new MIME types here

$mimes['abiword'] = 'application/x-abiword';

return $mimes;


add_filter( 'upload_mimes', 'my_custom_mime_types' );
  • Save your changes!

You can remove or add any MIME types necessary to the $mimes array. Remember to add the extensions associated with these as well.

This method lets you define exactly which kind of MIME types you allow. This means types you don’t specify still won’t be allowed. This greater control minimizes the risk associated with allowing all file types.

5. Get in touch with your hosting provider

You may still be getting the “Sorry, this file type is not permitted for security reasons” error after trying all 4 tips above. In this rare case, perhaps you should contact your hosting provider. They may be able to offer further advice or resolve the issue for you.

Hosting providers sometimes limit the upload of file types for security reasons. If that’s what’s stopping your upload, they’ll be able to help.

Ending thoughts on “Sorry, this file type is not permitted for security reasons”

When you’re on a roll working on your WordPress site, it can be frustrating to be stopped by an error message like “Sorry, this file type is not permitted for security reasons.”In some cases, it can be even more time consuming to fix errors than whatever you were trying to do in the first place.

It’s important to remember that there are many solutions you can try. The error happens because WordPress only allows certain file types to avoid risk for your site. Therefore, it is always recommended to only allow the specific file types that you need rather than disable the restrictions completely.

If you enjoyed reading this article on how to fix “sorry, this file type is not permitted for security reasons”, you should check out this one about WordPress plugin update failed.

We also wrote about a few related subjects like how to fix the site is experiencing technical difficulties, how to fix installation failed, could not create directory,  WordPress links not working, how to fix “your connection is not private” and the link you followed has expired.

Up Next:

The Best WordPress Scheduling Plugin Options for Business Services

The Best WordPress Scheduling Plugin Options for Business Services