How to Fix “Sorry, This File Type Is Not Permitted for Security?

The affects of Web Hosts on Your Business Website

Here're ways your choice of web hosting service provider impacts the performance of your business:


check

Website loading speed

check

Uptime and availability

check

Customer support

check

Security

check

Server location

How to Fix “Sorry, This File Type Is Not Permitted for Security Reasons” Error in WordPress

How to Fix “Sorry, This File Type Is Not Permitted for Security Reasons” Error in WordPress

Not Permitted for Security Reasons

Fix “Sorry, This File Type Is Not Permitted for Security Reasons” Error in WordPress

When you try to upload a file to your WordPress Media Library, you get messages like “Sorry, this file type is not permitted for security reasons” and/or “[filename] has failed to upload.”

For security reasons, WordPress restricts the types of files you can upload to your site, as the notice implies. You can manually expand the list of permissible file types by adding a tiny code snippet to your site’s wp-config.php file or by using a free plugin to allow you to upload any form of file.

This article will teach you the following:

More information about the warning “Sorry, this file type is not permitted for security reasons.”
How to fix the WordPress notice “Sorry, this file type is not accepted for security reasons.”
What Triggers the “Sorry, this file type is not permitted for security reasons” Message?

The message “Sorry, this file type is not allowed for security reasons”
For security reasons, WordPress’ default configuration restricts the types of files you can upload to your site, as we described above.

The WordPress Error Message “Sorry, This File Type Is Not Permitted for Security Reasons” is as follows:
When you try to upload a file type that WordPress doesn’t accept by default, you get the “Sorry, This File Type Is Not Permitted for Security Reasons” error notice.

For security concerns, WordPress restricts the file types you can upload thorough your site’s admin – photos, videos, documents, and audio.

Support
You can upload the following file formats by default:

Images:

.jpg \s.jpeg \s.png \s.gif \s.ico
(For further information, see JPG vs. JPEG: Understanding the Most Popular Image File Format.)
Videos:

.mp4 \s.m4v \s.mov \s.wmv \s.avi \s.mpg \s.ogv \s.3gp \s.3g2 \s Documents:

.pdf.doc.ppt.pptx.pps.ppsx.odt.xls.xlsx.psd.odt.xlsx.psd.psd.psd.psd.psd.psd.psd.psd.psd.psd.psd.psd.psd.psd.psd.psd

.mp3 \s.m4a \s.ogg \s.wav
If you try to upload a file type that isn’t in the list above, you’ll probably get an error saying “Sorry, this file type isn’t permitted for security reasons.” You may also get the message “[filename] failed to upload.”

Are you getting the ‘Sorry, This File Type Is Not Permitted for Security Reasons’ issue when you try to upload a file to WordPress? Find out how to solve it! 🛠️
TO TWEET, CLICK HERE
If you’re trying to use your own custom fonts on your WordPress site, for example, you might be trying to upload a custom font file in the.tff and/or.woff formats to WordPress. Because certain formats aren’t supported by WordPress by default, you’ll get an error saying “Sorry, this file type isn’t permitted for security reasons.” instead of being able to upload them.

Here’s an example of a.woff file that we tried to upload to our test site:

The notification is triggered when you upload a.woff file.
How to Fix “Sorry, this file type is not allowed due to security concerns” WordPress has an error.
We’ll show you two solutions to fix the WordPress problem “Sorry, this file type is not permitted for security reasons”:

By modifying the wp-config.php file on your website
1. Add New Permitted File Types Using a Free WordPress Plugin Using the wp-config.php file
ALLOW UNFILTERED UPLOADS is a WordPress option that you can enable in your site’s wp-config.php file. You’ll be able to upload any file type to your WordPress Media Library once it’s enabled.

Do you want to discover how we grew our traffic by over 1000%?
Join the 20,000+ people who receive our weekly email with WordPress insider secrets!

Now is the time to subscribe.
Here’s how to do it; however, because you’ll be modifying your wp-config.php file, we recommend backing up your site first.

Connect to your WordPress site using FTP/SFTP to get started. The wp-config.php file for your site is in the root folder, which also contains the wp-admin and wp-includes folders.

Right-click the file to edit it or save it to your computer:

How to make changes to the wp-config.php file
Then, above the /* That’s all, end modifying the wp-config.php file, add the following code snippet. */ line: Good luck with your blogging.

define(‘ALLOW UNFILTERED UPLOADS’, true); define(‘ALLOW UNFILTERED UPLOADS’, true);

In your wp-config.php file, where do you put the code?
If necessary, save your modifications and re-upload the file.

Do you have troubles with downtime with WordPress? Kinsta is a hosting solution that prioritizes performance and security. Take a look at our plans.

You’ll need to log out of your WordPress account and head to your WordPress dashboard to complete the process. You can then log back in right away.

You should be able to upload any file after logging out/in without getting the following error message:

Uploading a.woff file successfully
Uploading a.woff file successfully 2. Use the Free WP Extra File Types Plugin If you don’t want to mess with your wp-config.php file and/or want more control over which file types can be uploaded to your site, the free WP Extra File Types plugin from WordPress.org can help.

Go to Settings Extra File Types in your WordPress dashboard after you’ve installed and activated the plugin.

There’s a long list of file kinds there. Check the boxes next to the file types you want to be able to upload, then save your changes at the bottom:

In the plugin’s settings, how can I accept certain file types?

If the file type you want to upload isn’t on the list, you can create your own custom file types at the bottom of the plugin’s settings page:

How to create your own file type

Plugins to Consider
Alternative plugins to enable specific file types may be available in some cases. For example, we propose the free Safe SVG plugin in our explanation on how to enable SVGs in WordPress. This not only adds SVG files to the WordPress media library, but it also sanitizes them before uploading.

Summary
For security reasons, WordPress restricts the file formats that you can upload to your site by default. If you try to upload a file type that isn’t on this list, you’ll get the warning “Sorry, this file type isn’t allowed for security reasons.”

Allowing unfiltered uploads may be fixed by editing your wp-config.php file and adding the ALLOW UNFILTERED UPLOADS code snippet. You can also control allowable file types from your WordPress dashboard with the free WP Extra File Types plugin.

Finally, if you still can’t upload your file due to its size after permitting new file formats, you might wish to look at our extra tutorials on:

How to Increase the Maximum Upload File Size in WordPress
How to Fix the Upload max filesize directive in php.ini exceeds the uploaded file size Error
Remember that you can also use SFTP to upload the file if necessary.

Save time, money, and improve site performance by using:

Expert WordPress hosting assistance is available 24 hours a day, 7 days a week.
Integration with Cloudflare Enterprise.
With 29 data centers across the world, we can reach a global audience.
With our built-in Application Performance Monitoring, you can improve your performance.
All of this and more is included in a single plan that includes no long-term obligations, aided migrations, and a 30-day money-back guarantee. Check out our plans or speak with a sales representative to find the ideal plan for you.