How to fix “this file type is not permitted for security reasons” in WordPress

Question: I am trying to upload a file to the WordPress media library. However, WordPress rejects the file, saying that "Sorry, this file type is not permitted for security reasons." Apparently WordPress forbids certain types of files in the media library. How can I disable the upload file type restriction on WordPress?

In WordPress, files with certain extensions (e.g., .exe, .bz2, .zip) are forbidden to upload to the media library for security reasons. This security feature is known as "filtered upload." In some cases, however, you may want to override this default security policy, and allow some file types which are otherwise blacklisted. In fact, there are ways to disable or customize file type blacklist in WordPress.

Allow All File Types in File Upload

If you want to turn off filtered upload policy altogether, so that you can upload arbitrary types of files to WordPress, do the following.

Open wp-config.php of your WordPress site with any text editor, and add the following line somewhere in the file.

define('ALLOW_UNFILTERED_UPLOADS', true);

This will turn off file-type filter during file uploading on WordPress.

Enable File Upload for a Specific File Type

If you want to be able to upload files with a specific file extension which is otherwise blocked by default, add the following code in functions.php of your WordPress theme.

function enable_extended_upload ( $mime_types =array() ) {

   // The MIME types listed here will be allowed in the media library.
   // You can add as many MIME types as you want.
   $mime_types['gz']  = 'application/x-gzip';
   $mime_types['zip']  = 'application/zip';
   $mime_types['rtf'] = 'application/rtf';
   $mime_types['ppt'] = 'application/mspowerpoint';
   $mime_types['ps'] = 'application/postscript';
   $mime_types['flv'] = 'video/x-flv';

   // If you want to forbid specific file types which are otherwise allowed,
   // specify them here.  You can add as many as possible.
   unset( $mime_types['exe'] );
   unset( $mime_types['bin'] );

   return $mime_types;
}

add_filter('upload_mimes', 'enable_extended_upload');
Download this article as ad-free PDF (made possible by your kind donation): 
Download PDF

Subscribe to Ask Xmodulo

Do you want to receive Linux related questions & answers published at Ask Xmodulo? Enter your email address below, and we will deliver our Linux Q&A straight to your email box, for free. Delivery powered by Google Feedburner.


Support Xmodulo

Did you find this tutorial helpful? Then please be generous and support Xmodulo!

2 thoughts on “How to fix “this file type is not permitted for security reasons” in WordPress

  1. Adding 'define('ALLOW_UNFILTERED_UPLOADS', true);' to Allow All File Types in File Upload in the wp-config.php file did NOT fix the error 'Sorry, this file type is not permitted for security reasons.' while using WP 4.2.2. Any updated suggestions to fix this issue?

Leave a comment

Your email address will not be published. Required fields are marked *