HAPPY EASTER | Get 30% OFF for 4 Months | Use Promo Code: EASTER22

How to Fix “Sorry, This File Type Is Not Permitted for Security Reasons” Error in WordPress?

Anmol Lohana

How to Fix “Sorry, This File Type Is Not Permitted for Security Reasons” Error in WordPress?

Table of Contents

Introduction

Are you getting an error “Sorry, this file type is not permitted for security reasons” while uploading a file to WordPress? And you want to upload that file because it is necessary, but you cannot. 

Well, no need to worry about that. The reason for this error can be any. There are many possibilities why you get this message.

Maybe the file you have uploaded was corrupt, or maybe it was malware. It may also occur because WordPress does not support the file type.

In this article, we will show you how to fix the error “Sorry, this file type is not permitted for security reasons.

Why does the “Sorry, This file type is not permitted for security reasons” error occur in WordPress?

WordPress, by default, supports specific file formats that you can upload to your website.   

Due to security reasons, WordPress displays the message “Sorry, this file type is not permitted” whenever somebody tries to upload a file type that is not supported by default in WordPress. 

AVIF is an image format that generates compressed images without affecting image quality. Although it’s a less popular image format right now, it is expected to be a revolutionary one shortly. 

So, if you try to upload an AVIF format image to WordPress media, it will display the message Sorry this File type is not permitted for security reasons. WordPress through this error because it does not support the file format.

Let’s have a look below at how this message is displayed in Gutenberg editor:

This error can occur for any file type like images, videos, documents, audio, etc. An alternative to upload the file without errors is to upload the file via FTP or WordPress hosting file manager. 

However, it is not as convenient as using the built-in WordPress media library. So, let’s try to fix the error with different methods. Before that, look at the file formats supported in WordPress by default.

File types that are supported by default in WordPress

Due to security settings, WordPress may limit file types you may upload via the site’s admin – videos, documents, audio, and videos.

According to WordPress support, WordPress allows the following file formats by default:

Images:
.jpeg, .gif, .jpg, .png .  

Videos:
.avi, .wmv, .mov, m4v, .mp4, .3g2, 3gp, .ogv, mpg

Documents:
.xls, xlsx, .doc, .docx, .pdf,  .odt, .ppt, .ppsx, .pps, .pptx, .zip, .key

Audio:
.ogg, .m4a, .wav, .mp3

Any other formats other than the above formats will cause you to see error messages like “[filename has failed to upload]” or “Sorry, This file type is not permitted for security reasons.”

For example, when you need to upload a file type that WordPress does not support. 

When you need to upload another format file?

Suppose you try to upload custom fonts on your WordPress site in .tff and .woff formats. WordPress will show your error “Sorry, this file type is not permitted for security reasons.”

See the screenshot below when trying to upload a .woff file on WordPress:

How to fix the “Sorry, This file type is not permitted for security reasons” error in WordPress?

There are many ways to solve this error. We will show you six different methods to solve the error.

  1. Check File Type Extension/Double-Checking the File Type
  2. Add Permitted File Types by Changing WordPress Multisite Network Settings
  3. Edit wp-config.php file
  4. Edit your theme’s functions.php file
  5. Using WordPress plugin
  6. Contact hosting provider
Check File Type Extension

The first thing you can do is check your file extension once again. Sometimes, users save the wrong file extension in a hurry.

So, in this case, you cannot resolve the error with the wp-config.php or functions.php file editing.

Consider the following example when a user uploads a .jpg file as a .avi file and gets this error message. 

You can check the file type extension on your PC to see if it is correct or not.

Go to the file location and click on the view tab above for confirmation. Then, check the “File name extensions” box.

 Or right-click on the file and go to the file properties. You will see the file type extension there.

So, this is the very first fixture you can do to deal with the error. If you think it’s already correct, you can move to the next step.

Add Permitted File Types by Changing WordPress Multisite Network Settings

Multisite installation is a WordPress installation when a network of sites implies the same WordPress installation core file. You may also add more allowed file types in this scenario.

You all have to click settings> Networks settings in the dashboard and then scroll down to upload settings.

Now, upload file types in the input field next to upload file types. Also, add the file types that you want to upload. 

Now, save your changes. Users on this network will upload all file types mentioned here. 

In the case of a single site WordPress installation, you will not have this option in your settings. In that case, you can use another method to solve this.

Edit wp-config.php file

If you want to enable more file types to be uploaded to your library, you will have to make a slight variation in your wp-config.php file.

This editing process is quite simple, but it’s recommended to backup wp-config.php before making edits. You should know that a small error in the file can crash your whole site. 

After you back up the wp-config.php file, you may follow the below steps to add allowed file types.

  • Access File Manager through the control panel.
  • Open your public_html folder.
  • Locate and right-click the wp-config.php file, then choose the Edit option.
  • Scroll to the bottom of the file.

Scroll down to the end of the file to the line that reads /* That’s all, stop editing! Happy blogging. */and paste the following line of code:

define(‘ALLOW UNFILTERED UPLOADS’, true);
  • Save your changes and sign in again to the WordPress dashboard. It would help if you were now permitted to upload any file type.

It’s not an ideal solution, but definitely, it’s an easy one. If more than one user uploads files on the WordPress site, you will have to define which file types should be permitted. 

Edit your theme's functions.php file

If you need to allow just a few file types to be uploaded to your site, you may use Upload_Mimes Filter and follow the below steps:

  • Access File Manager from the control panel.
  • Open the wp-content folder.
  • Open themes folder.
  • Locate and right-click the functions.php file, then choose the Edit option.
  • Scroll to the bottom of the file and paste the following code snippet.
function cc_mime_types($mimes) {
// New allowed mime types.
$mimes['svg'] = 'image/svg+xml';
$mimes['svgz'] = 'image/svg+xml';
return $mimes;
}
add_filter( 'upload_mimes', 'my_custom_mime_types' );

It will eventually add SVGZ and SVG files. You may add MIME types to this code snippet.

WordPress experts will not hesitate while making edits in wp-config.php and functions.php files. WordPress amateurs may use a WordPress plugin to not get into a complication. 

Using WordPress plugin

You can fix the “Sorry This File Type Is Not Permitted for Security Reasons” error using some plugins. We will show you how to fix it using three different WordPress plugins.

  1. WP Add Mime Types
  2. File Upload Types
  3. WP Extra File Types
1- WP Add Mime Types

The WP Add Mime Types plugin is free and highly rated. It is beginner-friendly, comes with many file upload types, and allows you to add if you want.

Install and activate the plugin and follow these steps:

  • Go to the settings section on your WordPress dashboard and select the Mime Type Settings option.

You will see three sections there: 

List of allowed mime types and file extensions by WordPress” The file types come with this plugin.

Security Options” For security settings.

Add Values” to add any file types.

2- File Upload Types

The File Upload Types plugin is also a free, beginner-friendly, and highly rated plugin. You can add File Upload Type easily using this plugin.

  • Install and activate the plugin in your WordPress dashboard. You’ll be automatically redirected to the Plugins page.
  • Select File Upload Types inside the Setting section on the dashboard.
  • Check the box next to the file types you want to upload or add your custom file type.
  • Click Save Settings when you’re ready.
3- WP Extra File Types

The WP Extra Types plugin works the same as both WP Add Mime Types and File Upload Types plugins.

  • Install and activate the plugin on your WordPress, and then follow this step.
  • Go to the WordPress dashboard and select the Extra File Types option inside the Setting section.
  • You will see the file types that come with this plugin, and you can add a custom one too. 

Here, we mention three plugins to fix the error ”Sorry, This File Type Is Not Permitted for Security Reasons”; you can use any of them.

All three plugins have almost similar features, and the way of use is also the same so that you can use any of these three plugins.

Contact hosting provider

If you have tried all the points highlighted above, you should now contact your web hosting company. 

Some web hosting companies put limitations on file types uploading for security reasons. So, if this is the case, the above methods will not work. But the hosting company’s customer support will be able to help you out.

Keeping Your WordPress Site Secure When Permitting Additional File Types

WordPress restricts us from uploading any file types and through a message like sorry you are not allowed to access this page WordPress because of security purposes.

These methods can help you upload any file type to your WordPress website, but to keep your website secure, we suggest you follow some rules while adding custom file types.

  • Restrict the unregistered users from uploading all file types; they can only upload the file types they need to upload.
  • Install security plugins on your WordPress to protect your site and monitor vulnerabilities.
  • Set a file size limit not to upload large files and files with malware.
  • Add user activity logging to record which user has uploaded which file.

These are some points to keep in mind while permitting additional file types for website security.

Wrapping Up

WordPress allows limited file types to upload that is because of security reasons. If you try to upload any file type that is not in WordPress’s default list, it will show an error message “Sorry; this file type is not permitted for security reasons.”

I hope this article was helpful for you to get rid of the “Sorry; this file type is not permitted for security reasons” and “[filename] has failed to upload” by making edits in a wp-config.php file or simply by the WordPress plugin installation. Also, you may add desired file types to be allowed in WordPress.

Share it!

Share on facebook
Share on linkedin
Share on twitter

Share it!

Share on facebook
Share on linkedin
Share on twitter

Start Creating Web Apps on Managed Devrims Cloud Server Now

Easy Web Deployment for Agencies, Developers and e-commerce Industry.

There's More To Read