How to Fix “Sorry, This File Type Is Not Permitted for Security Reasons” Error in WordPress

The “Sorry, this file type is not permitted for security reasons” error in WordPress is a common issue that occurs when you try to upload a file type that is not allowed by your WordPress site. This error is usually caused by incorrect file permissions or incorrect settings in your WordPress media settings. In this article, we will show you how to fix the “Sorry, this file type is not permitted for security reasons” error in WordPress.

What Causes the “Sorry, This File Type Is Not Permitted for Security Reasons” Error in WordPress?

By default, WordPress allows you to upload certain file types to your site. These file types are allowed for security reasons. If you try to upload a file type that is not allowed, then you will see the “Sorry, this file type is not permitted for security reasons” error.

This error is usually caused by incorrect file permissions or incorrect settings in your WordPress media settings. In some cases, it can also be caused by a plugin or theme conflict.

How to Fix the “Sorry, This File Type Is Not Permitted for Security Reasons” Error in WordPress

The first thing you need to do is to check your WordPress media settings. You can do this by going to Settings » Media in your WordPress admin area.

On this page, you will see a list of allowed file types. Make sure that the file type you are trying to upload is included in the list. If it is not, then you can add it by clicking on the “Add New File Type” button.

Once you have added the file type, you can try uploading the file again. If you still see the error, then you need to check your file permissions.

To do this, you need to connect to your WordPress site using an FTP client. Once connected, you need to navigate to the /wp-content/uploads/ folder.

Right click on the folder and select ‘File Permissions’ from the menu. You will see a dialog box with a numeric value. This value should be set to 744 or 755. If it is not, then you need to change it.

Once you have changed the file permissions, you can try uploading the file again. If you still see the error, then it is likely caused by a plugin or theme conflict.

To fix this, you need to deactivate all plugins and switch to the default WordPress theme. Once you have done this, you can try uploading the file again. If it works, then you need to activate your plugins and theme one by one to find out which one is causing the issue.

We hope this article helped you learn how to fix the “Sorry, this file type is not permitted for security reasons” error in WordPress. You may also want to see our guide on how to fix common image issues in WordPress.

)

export default FixError

Are you trying to upload a file to your WordPress Media Library only to be met with a message telling you “Sorry, this file type is not permitted for security reasons” and/or “[filename] has failed to upload”?

As the message implies, WordPress limits the types of files that you can upload to your site for security reasons. However, by adding a small code snippet to your site’s wp-config.php file or using a free plugin, you can manually expand the list of allowed file types so that you’re able to upload any type of file.

Here’s what you’ll learn in this article:

What Triggers the “Sorry, this file type is not permitted for security reasons” Message?

The
The “Sorry, this file type is not permitted for security reasons” message

As we explained above, WordPress’ default configuration limits the types of files that you can upload to your site for security reasons.

By default, the file types that you can upload are:

Images:

  • .jpg
  • .jpeg
  • .png
  • .gif
  • .ico

(Suggested reading: JPG vs JPEG: Understanding the Most Common Image File Format)
Videos:

  • .mp4
  • .m4v
  • .mov
  • .wmv
  • .avi
  • .mpg
  • .ogv
  • .3gp
  • .3g2

Documents:

  • .pdf
  • .doc
  • .ppt, .pptx, .pps, .ppsx
  • .odt
  • .xls, .xlsx
  • .psd

Audio:

If you’re trying to upload a file type that’s not on the list above, you’re likely going to run into the “Sorry, this file type is not permitted for security reasons” error. Or, you’ll also see it as “[filename] has failed to upload”.

For example, if you’re trying to use your own custom fonts on your WordPress site, you might be trying to upload a custom font file to WordPress in the .tff and/or .woff formats. Because those formats are not allowed by default, WordPress will show you the “Sorry, this file type is not permitted for security reasons” error instead of letting you upload them.

Here’s an example where we tried to upload a .woff file to our test site:

Uploading a .woff file triggers the message
Uploading a .woff file triggers the message

How to Fix the “Sorry, this file type is not permitted for security reasons” Error in WordPress

Below, we’ll show you two ways how to fix the “Sorry, this file type is not permitted for security reasons” error in WordPress:

  1. By editing your site’s wp-config.php file
  2. By using a free WordPress plugin

1. Add New Permitted File Types Using wp-config.php

WordPress includes an ALLOW_UNFILTERED_UPLOADS option that you can enable in your site’s wp-config.php file. Once enabled, you’ll be able to upload any file type to your WordPress Media Library.

Here’s how to set it up – but first, because you’ll be editing your wp-config.php file, we’d recommend backing up your site before proceeding.

To get started, connect to your WordPress site via FTP/SFTP. Your site’s wp-config.php file is located in the root folder, which is the same folder that has the wp-admin and wp-includes folders.

Right-click to edit the file, or download it to your computer:

How to edit your wp-config.php file
How to edit your wp-config.php file

Then, while editing the wp-config.php file, add the following code snippet above the /* That’s all, stop editing! Happy blogging. */ line:

define('ALLOW_UNFILTERED_UPLOADS', true);

Where to add the code in your wp-config.php file
Where to add the code in your wp-config.php file

Make sure to save your changes and re-upload the file if needed.

To finish the process, you’ll need to go to your WordPress dashboard and log out of your WordPress account. Then, you can immediately log back in.

After you’ve logged out/in, you should be able to upload any file without triggering the error message:

Successfully uploading a .woff file
Successfully uploading a .woff file

2. Use the Free WP Extra File Types Plugin

If you’d prefer not to edit your wp-config.php file and/or you want more control over exactly which file types can be uploaded to your site, you can use the free WP Extra File Types plugin at WordPress.org

Once you install and activate the plugin, go to Settings → Extra File Types in your WordPress dashboard.

There, you’ll see a lengthy list of file types. Check the box next to the file type(s) that you want to be able to upload and then click Save Changes at the bottom:

How to allow file types in the plugin's settings
How to allow file types in the plugin’s settings

If you don’t see the file type that you’d like to upload on the list, you can also add your own custom file types at the bottom of the plugin’s settings list:

How to add your own custom file type
How to add your own custom file type

Alternative Plugins

In some instances, there may be better alternative plugins to enable specific file types. For example, in our tutorial on how to enable SVGs in WordPress, we recommend the free Safe SVG plugin. This not only enables the SVG filetype in the WordPress media library, it also sanitizes them upon upload.

Summary

By default, WordPress limits the file types that you can upload to your site for security reasons. If you try to upload a file type outside this list of default file types, you’ll see the “Sorry, this file type is not permitted for security reasons.” message.

One way to fix the issue is to edit your wp-config.php file and add the ALLOW_UNFILTERED_UPLOADS code snippet to allow unfiltered uploads. Or, you can also use the free WP Extra File Types plugin to control allowed file types from your WordPress dashboard.

Finally, if, after allowing new file types, you still can’t upload your file because of its size, you might want to check out our additional guides on:

And don’t forget, you could also upload the file via SFTP if needed.


Get all your applications, databases and WordPress sites online and under one roof. Our feature-packed, high-performance cloud platform includes:

  • Easy setup and management in the MyKinsta dashboard
  • 24/7 expert support
  • The best Google Cloud Platform hardware and network, powered by Kubernetes for maximum scalability
  • An enterprise-level Cloudflare integration for speed and security
  • Global audience reach with up to 35 data centers and 275 PoPs worldwide

Get started with a free trial of our Application Hosting or Database Hosting. Explore our plans or talk to sales to find your best fit.

Jaspreet Singh Ghuman

Jaspreet Singh Ghuman

Jassweb.com/

Passionate Professional Blogger, Freelancer, WordPress Enthusiast, Digital Marketer, Web Developer, Server Operator, Networking Expert. Empowering online presence with diverse skills.

jassweb logo

Jassweb always keeps its services up-to-date with the latest trends in the market, providing its customers all over the world with high-end and easily extensible internet, intranet, and extranet products.

Contact
San Vito Al Tagliamento 33078
Pordenone Italy
Item added to cart.
0 items - 0.00
Open chat
Scan the code
Hello 👋
Can we help you?