Here’s how you fix Sorry, this file type is not permitted for security reasons. Are you encountering difficulties uploading files to your WordPress Media Library?
Do you receive error messages stating “Sorry, this file type is not permitted for security reasons” or “[filename] has failed to upload” during the process?
These messages indicate that WordPress restricts the types of files allowed for uploading due to security measures. Fear not, as there are methods to expand the permissible file types using a code snippet in the wp-config.php file or through the use of a free plugin.
In this guide, we’ll delve deeper into:
- Understanding the “Sorry, this file type is not permitted for security reasons” message
- Step-by-step solutions to fix this error in WordPress
What Triggers the “Sorry, This File Type Is Not Permitted for Security Reasons” Message?
WordPress comes with default configurations that impose limitations on file types for security reasons. When attempting to upload a file type that isn’t supported by WordPress, you’ll encounter the “Sorry, This File Type Is Not Permitted for Security Reasons” error message.
WordPress allows uploading images, videos, documents, and audio files by default. Here’s a list of supported file types:
Documents:
- .doc
- .ppt, .pptx, .pps, .ppsx
- .odt
- .xls, .xlsx
- .psd
Audio:
- .mp3
- .m4a
- .ogg
- .wav
Images:
- .jpg
- .jpeg
- .png
- .gif
- .ico
Videos:
- .mp4
- .m4v
- .mov
- .wmv
- .avi
- .mpg
- .ogv
- .3gp
- .3g2
While file types such as .tff and .woff (custom font files) are not within this default list. Consequently, attempting to upload these files triggers an error message.
Resolving the “Sorry, This File Type Is Not Permitted for Security Reasons” Error in WordPress
Below, we’ll guide you through two effective methods to resolve this issue:
-
Allowing New File Types via wp-config.php
WordPress offers an option called ALLOW_UNFILTERED_UPLOADS that permits uploading any file type to the Media Library. This can be activated by editing the wp-config.php file.
- Steps to Implement:
- Connect to your WordPress site via FTP/SFTP.
- Locate the wp-config.php file in the root directory.
- Add the code snippet
define('ALLOW_UNFILTERED_UPLOADS', true);
just above the/* That’s all, stop editing! Happy blogging. */
line. - Save the changes and upload the modified file back to your server.
- Log out of your WordPress account, then log back in.
Upon re-login, you should be able to upload any file without encountering the error message.
- Steps to Implement:
-
Using the WP Extra File Types Plugin
For users who prefer not to edit the wp-config.php file or need more control over allowed file types, the WP Extra File Types plugin is a suitable alternative. This free plugin, available on WordPress.org, allows you to customize the list of permitted file types conveniently from your WordPress dashboard.
- Implementation:
- Install and activate the WP Extra File Types plugin.
- Access Settings → Extra File Types in your WordPress admin panel.
- Check the box next to the desired file types you wish to upload.
- Save Changes.
The plugin offers a comprehensive list of file types, and you can also add custom file types as needed.
- Implementation:
Exploring Alternative Plugins
While WP Extra File Types is a versatile solution, some instances might necessitate better-suited alternative plugins. For example, in our guide on enabling SVGs in WordPress, we recommend the Safe SVG plugin, which not only permits SVG files in the media library but also sanitizes them upon upload, ensuring additional security.
Summing Up
In conclusion, WordPress employs default limitations on acceptable file types as a security measure. The error message “Sorry, this file type is not permitted for security reasons” appears when attempting to upload file types beyond the predefined list.
Resolving this issue involves either modifying the wp-config.php file or leveraging the WP Extra File Types plugin to allow additional file types for upload, providing more flexibility.
For further assistance in dealing with file size limitations, refer to our supplementary guides on increasing the WordPress Maximum Upload File Size and resolving the “uploaded file exceeds the upload_max_filesize directive in php.ini” error. Additionally, utilizing SFTP is a viable alternative for file uploads when needed.