WordPress is the most popular platform for building cost-effective, high-performance websites for all business needs. It is one of the most used platforms for building websites; Â As of 2023, more than 800 million websites are using the WordPress ecosystem, which is more than 43% of all websites around the globe. Roughly 36% of eCommerce and over 63% of CMS websites are based on the WordPress platform.
If you have a WordPress website then you might have faced the issue where WordPress restricts certain file types from being uploaded due to security concerns. You might have encountered the error message “Sorry, this file type is not permitted for security reasons,” follow the following steps to resolve it.
WordPress has a built-in restriction for uploading specific file types to prevent vulnerabilities. By default, common formats like .jpg, .png, and .pdf are permitted, but lesser-used or custom file types like .svg might be blocked.
What Are Allowed File Types by WordPress?
Before diving into fixes, verify the type of file you are trying to upload. WordPress supports the following formats:
- Images: .jpg, .jpeg, .png, .gif
- Documents: .pdf, .doc, .pptx, .odt
- Audio:Â .mp3, .ogg
- Video: .mp4, .mov
If you are trying to upload the file type which is not listed above then you may get the error as “Sorry, This File Type Is Not Permitted for Security Reasons” To continue uploading the file you’ll need to make adjustments to allow its upload.
Allow Custom or More File Type Upload in WordPress:
Option 1: Using Available WordPress Plugin:
There are multiple ways to resolve this, the easier and safer way is to find and install a plugin which can help in uploading more file types on the website. You may try plugins like Enhanced Media Library, WP Extra File Types, File Manager etc. These plugins will help you enable an option where you can add permitted Multipurpose Internet Mail Extensions (MIME) types for upload to WordPress.
These plugins or other plugins similar to these will give an option in settings from where you can select the different file type you want to be allowed to upload on your website.
Option 2: By Modifying wp-config.php File:
The ‘wp-config.php’ file is one of the most crucial components of a WordPress site as it stores key configuration settings and sensitive credentials. Due to its critical nature, any modifications must be made with extreme caution. Even a small error in this file could lead to the site going offline. Therefore, it is recommended that only individuals with experience in PHP handle these changes to avoid potential issues.
- Access the wp-config.php file via SFT/FTS or a plugin, and edit the file with available options.
- Add the following line without interrupting the existing structure of the wp-config.php file
-
define('ALLOW_UNFILTERED_UPLOADS', true);
- Now save it.
- Try uploading the required files.
Option 2: By Modifying Theme’s “functions.php” File:
Modifying the ‘functions.php’ file is equally critical for the active theme of a WordPress site. Any changes should be made with great caution and only by those with at least a basic understanding of PHP. Even minor mistakes can cause significant issues on the website, so it’s important to proceed carefully when editing this file.
- Access the server folder for the WordPress website using sFTP/FTP/Plugins
- Now, go to /wp-content/themes/
- Inside the active theme folder, look for the “functions.php”
-
function add_custom_mime_types($mimes) { $mimes['svg'] = 'image/svg+xml'; // Example for SVG files return $mimes; } add_filter('upload_mimes', 'add_custom_mime_types');
- This function allows specific file types, such as ‘.svg’, to bypass the restriction. You can add mimes for other file types also, for example, to allow the upload of .doc files you need to add the following line;
-
$mimes['doc'] = 'application/msword';
Disable Security Plugins Temporarily:
If you are still not able to upload specific files after trying the above methods then try deactivating the Security Plugins installed (if any). Sometimes, security plugins like WordFence or Sucuri may block specific uploads. Temporarily disabling these plugins could identify if they’re the cause of the error. If ‘upload’ is working after deactivating the plugin then you may try tweaking the plugin settings, or consider activating the security plugin again after completing the upload.
Check For The Multisite Restrictions:
If you’re using a WordPress multisite network, file upload rules may be stricter. Admins of multisite networks can adjust the allowed file types under Network Admin > Settings > Upload Settings The same can also be useful in the case of the multisite.
Conclusion:
By adjusting the ‘functions.php’ file or using a plugin, you can safely enable additional file types for upload in WordPress while maintaining security. Hire us
We offer adaptive Digital Services to suit your tailored requirements. Hire us to get expert support for these and other WordPress needs. Explore our WordPress Website Development, Website Security & Maintenance services for more…