How to fix “Sorry, this file type is not allowed for security reasons”

When uploading a file to the WordPress media library, you may encounter the error “Sorry, this file type is not allowed for security reasons«.

Although this is a common error message, receiving it can be frustrating, especially if you’re sure the file you’re trying to upload isn’t a threat to the .

Fortunately, the “Sorry, this file type is not allowed for security reasons” error can be fixed. This article will explain why you get this error message and how to fix it in five different ways.

Why does the error “Sorry, this file type is not allowed for security reasons” occur?

WordPress allows users to upload images, document formats, audio and video files in the following formats:

• Images: .jpeg, .jpg, .png, .gif, .ico
• Documents: .pdf, .doc, .docx, .ppt, .pptx, .pps, .ppsx, .odt, .xls, .xlsx, .psd
• Audio: .mp3, .m4a, .ogg, .wav
• Video: .mp4, .m4v, .mov, .wmv, .avi, .mpg, .ogv, .3gp, .3g2

Any file outside of the allowed file types will not be uploaded to the default media library. When you try to upload them you will receive the error “Sorry, this type of file is not allowed for security reasons” in WordPress.

For example, you can’t upload a file .epub either .woff without doing some configuration first.

Allowing only certain types of files minimizes the risks of a security breach due to potentially malicious files.

If you’re not careful, these types of dangerous files can make their way into your WordPress site, either accidentally or on purpose, and expose your site’s vulnerabilities. This can damage your site or give hackers access to your sensitive data.

Fixing “Sorry, this file type is not allowed for security reasons” error

Although WordPress’ reason for limiting file types is well-intentioned, it poses a problem for users who want to share specific files on their website.

In this section, we will explain five different ways to fix “Sorry, this file type is not allowed for security reasons” error in WordPress.

1. Check the file type

In some cases, the file you want to upload is within the list of WordPress allowed file types, but you still receive the error “Sorry, this file type is not allowed for security reasons”.

The filename extension may be misspelled or accidentally changed, causing WordPress to not recognize the file. So before trying any other method, make sure the file extension is correct.

If you’re using Windows, go to the location of your file in File Explorer. In the menu, select the tab View and mark File name extensions.

Now you can see and edit the extension of all files. For example, if you notice that the file extension is misspelled, right-click the file and change the name for the correct one.

The process is similar if you’re using a Mac. You’ll need to go to Finder -> Preferences -> Advanced and activate Show file name extensions.

If the file type is allowed by WordPress, reuploading it with the correct extension should resolve the “Sorry, this file type is not allowed for security reasons” error message. However, if the file extension is spelled correctly and is not allowed by WordPress, try the following methods.

2. Use a WordPress plugin

WordPress has many that can help you upload file types that are not supported. These plugins allow you to enable many types of Multipurpose Internet Mail Extensions (MIME) disabled by the media library.

This step-by-step tutorial will show you how to fix the “Sorry, this file type is not allowed for security reasons” error using the free plugin .

1. From the WordPress dashboard, install and activate the plugin.
2. go to Settings -> Mime Types Settings
3. In the Add Values ​​section, enter the for the file you want to add. For example, if you are uploading a .woff file, introduce woff = application/x-font-woff. To add multiple MIME file types, separate each value with Enter.
4. click on Save. If the process is successful, the new MIME type should appear in the allow list, and you should be able to reload the file without any problems.

3. Edit the wp-config.php file

Edit the file wp-config.php of your site may allow you to upload all types of files to the media library, including those that are not supported. However, keep in mind that this method will make your WordPress website less secure.

We advise you to revert any changes made once you have uploaded the unsupported file.

Also, since you’re going to be editing a system file, make sure before proceeding in case something goes wrong.

1. Access the directory of your WordPress installation through a or the File Manager. If you use , open hPanel and navigate to Files -> File Manager.
2. open the folder public_html and then the file wp-config.php.
3. Paste the following code snippet above the line that says That’s all, stop editing! Happy posting. Later, guard the changes.
   define(‘ALLOW_UNFILTERED_UPLOADS’, true);

4. Edit the theme’s functions.php file

If the file method wp-config.php seems too risky to you, add the filter to the functions.php file of your theme may be a better alternative. This method allows you to enable certain types of files individually instead of all of them simultaneously. After backing up your site, follow these steps:

1. Access your WordPress installation directory via an FTP client or File Manager.
2. Navigate to wp-content -> themesgo to the folder of your current theme and open the file functions.php.
3. Paste the following syntax into the file. Feel free to add the mime types you want below the line // Add new MIME types here. Save the changes.
   function my_custom_mime_types( $mimes ) {
   // Add new MIME types here
   $mimes = ‘text/gpsxml’;
   return $mimes;
   }

Note that different operating systems use different versions of a similar file type, which makes their MIME values ​​different as well.

For example, the files .gpx on Windows they are .gpsxml on macOS. So instead of $mimes = ‘text/gpsxml’; Add $mimes = ‘application/gpsxml’; on macOS.

5. Contact your hosting provider

Sometimes WordPress isn’t the only thing preventing you from uploading certain files. Various hosting providers set file type restrictions to ensure security.

So, if none of the methods we’ve offered work, contact your hosting provider’s support team and ask them to fix the problem.

If you use , feel free to contact our customer support team via live chat. Open hPanel and go to Help -> Chat Now.

A live chat window will appear. Send a message and you’ll soon be in touch with one of our customer service agents.

conclusion

The error message “Sorry, this file type is not allowed for security reasons” will appear if you try to upload file types that WordPress does not allow by default.

Although this is a well-intentioned restriction, it poses a problem for users who want to share the types of files they want.

In this guide, we have explained five different solutions for this error:

1. Double check file type
2. Use a WordPress plugin
3. Edit the wp-config.php file
4. Edit the theme’s functions.php file
5. Contact the hosting provider

Whichever method you choose, we hope this article helped you resolve the “Sorry, this file type is not allowed for security reasons” error message in WordPress.

Gustavo is passionate about creating websites. He focuses on the application of SEO strategies at for Spain and Latin America, as well as the creation of high-level content. When he is not applying new WordPress tricks you can find him playing the guitar, traveling or taking an online course.