WordPress error "Sorry this file type is not permitted for security reasons" - Fix it Now ?

WordPress error "Sorry this file type is not permitted for security reasons" - Fix it Now ?

The error, "Sorry this file type is not permitted for security reasons" in WordPress occurs when we try to upload a document to the WordPress library.

As the message indicates, WordPress limits the types of files that you can upload to your site for security reasons. 

However, by adding a small code snippet to your site's wp-config.php file or using a free plugin, you can manually expand the list of allowed file types so that you're able to upload any type of file.

Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to resolve related WordPress errors.

In this context, we shall look into how to fix this WordPress errors.

WordPress error "Sorry this file type is not permitted for security reasons"

In order to stop people from putting potentially malicious executable files on their site, WordPress only accepts uploads of certain file types.

If there is any file type that it does not accept, we receive the error.

However, there are certain types of files (i.e. MIME types) that WordPress will accept.

Also known as Media types, MIME stands for Multipurpose Internet Mail Extensions. They consist of a two-part naming convention which first specifies the file type followed by the subtype.

For example, text/html and image/png each represent a specific MIME type.

According to the WordPress Codex, the file types that we are able to upload include:

i. Images






ii. Documents


.doc, .docx

.ppt, .pptx, .pps, .ppsx


.xls, .xlsx


iii. Audio





iv. Video

.mp4, .m4v








Alternatively, we may see a different message:

"[filename] has failed to upload” or “the media you tried to upload was invalid”.

For example, if we try to upload a .tff or .woff file, these will not upload.

How to fix WordPress error "Sorry this file type is not permitted for security reasons" ?

Try the following tips if you need to fix this error.

1. Change the WordPress Multisite Settings

WordPress Multisite lets us make multiple websites. They join by a network and can change all at once.

For example, suppose we have a chain of stores and want a site for each location. Updating them simultaneously will save a lot of time.

In addition, WordPress Multisite lets to upload files we cannot usually upload.

To do so, go to:

i. Network Administration Area

ii. Settings

iii. Upload Settings

If we add multiple types, we put a space between with no comma.

2. Install a plugin that enables extra MIME types

A quick and easy solution to this error is to install a MIME plugin that allows us to upload not permitted file types.

A few plugins that will do the trick includes:

i. WP AddMime Types

ii. Mime Types Plus

iii. Unsafe Mime Types

iv. Pro Mime Types

v. Mime Types Extended

3. Edit wp-config.php file to allow unfiltered uploads

ALLOW_UNFILTERED_UPLOADS is a function we can activate in WordPress. We can activate it in our site's wp-config.php file. 

Then in the Media Library, we will be able to upload any kind of file.

i. Firstly, keep a backup copy of the site.

ii. Open the wp-config.php file.

iii. Then we add the below code:


iv. We can add it anywhere before:

– /* That’s all, stop editing! Happy blogging. */

This will prevent all file-type upload checks from taking place, leaving the website vulnerable to potentially malicious uploads.

4. Change the functions.php file of our theme

A simple resolution is changing the theme’s functions.php to allow custom MIME types. We can change which file types WordPress accepts by utilizing the upload_mimes filter.

i. Using a file manager or FTP client, find the installation directory for WordPress (often public_html).

ii. Then we go to wp-content >> themes.

iii. We find the folder of the theme we are using.

iv. Find and access the functions.php file.

v. Then we add the following:

function my_custom_mime_types( $mimes ) {
// Add new MIME types here
$mimes[‘abiword’] = ‘application/x-abiword’;
return $mimes;
add_filter( ‘upload_mimes’, ‘my_custom_mime_types’ );

vi. Eventually, we save the changes.

While we remove or add any MIME types necessary, remember to add the extensions associated with them.

5. Get in touch with the hosting provider

It is also possible that the hosting providers sometimes limit the upload of file types for security reasons.

In such a case, they will be able to help.

[Couldn't resolve this WordPress error? We'd be happy to assist. ]

Who We Are ?

Most prominent, efficient, and well-performing IT companies and software solutions.

Related Posts