If you’re seeing the “Sorry, this file type is not permitted for security reasons” error in WordPress, that means WordPress is blocking you from uploading a file type it doesn’t recognize.
We’ve had this trouble a couple of times, and we have some ways to work around it that we’d like to share with you.
You can upload the most common file types in WordPress without any errors. However, for security reasons, WordPress restricts certain file types from being uploaded through your dashboard. This can be frustrating if you need to upload a specific file for your website.
In this article, we will show you how to easily fix the ‘Sorry, this file type is not permitted for security reasons’ error in WordPress.
What Causes the “Sorry, This File Type Is Not Permitted for Security Reasons” Error?
The error “Sorry, this file type is not permitted for security reasons” appears when you try to upload a file type that WordPress does not support.
You may have seen this error message appear when trying to add a new file to your Media Library.
If you use the latest WordPress version, you may see the error message saying, “Sorry, you are not allowed to upload this file type.”
For security reasons, WordPress restricts the file types you can upload through your WordPress dashboard.
The permitted file types include all common images, video, document, and audio formats.
One solution to fix this problem is to upload the files through FTP or your WordPress hosting provider’s file manager app. However, it is not as convenient as using the built-in WordPress media library.
So, let’s take a look at how to fix the “Sorry, this file type is not permitted for security reasons” error in WordPress. The methods explained in this guide are all friendly for beginners.
You can use the links below to jump to the different solutions:
Important Note: The reason WordPress blocks many file types is to prevent malicious files from harming your website.
When you enable additional file types, we strongly advise taking some security measures to protect your website. You can read our ultimate guide on WordPress security for more information.
Option 1: Check and Fix the File Type Extension Spelling
Let’s say that you might have uploaded the same types of files to WordPress previously with success. However, this time, your attempt has failed, and you are wondering why that is.
In this case, it is likely that the error occurs because you have misspelled the file extension.
A file extension is the 3 or 4-letter file type suffix that appears at the end of file names on your computer.
For instance, an image file may be named holidayphoto.png, where holidayphoto is the file name and png is the extension.
These extensions are used by many programs and applications, including WordPress, to recognize file types.
Here are the default WordPress file types and extensions:
Images: .png, .gif, .jpg, .jpeg, .ico, .webp
Documents: .pdf, .doc, .docx, .xls, .xlsx, .ppt, .pptx, .pps, .ppsx, .odt, .psd
Audio: .wav, .mp3, .m4a, .ogg
Video: .mp4, .m4v, .mpg, .mov, .wmv, .avi, .ogv, .3gp, .3g2
Pro Tip: Although you can upload videos to WordPress, we always recommend uploading your videos to a video hosting site instead. This helps protect your website’s speed and performance.
You can read more on this in our opinion piece about why you should never upload a video to WordPress.
When you get this error, the first thing we recommend is checking the file extension to make sure it is correct. Sometimes, you may accidentally delete a file name extension or mistype it while editing or saving a file on your computer.
On Windows, you can easily check file extensions. Simply open the folder that contains your file and click on the ‘View’ link at the top of the window. From here, simply check the ‘File name extensions’ box.
After checking that box, you will now see the extension after the file names.
Mac users can view file extensions by opening the Finder app and going to Finder » Settings or Preferences in the top menu.
This will bring up the Settings popup, where you need to click on the ‘Advanced’ tab and make sure that the box next to the ‘Show all filename extensions’ option is checked.
Now that you can view the file name extensions, find the file you were trying to upload and make sure it has the correct extension.
If the extension is incorrect, then you can simply right-click and select the ‘Rename’ option to change the file name and add the correct extension.
Option 2: Allow New File Types in WordPress With the File Upload Types Plugin
If you want to upload file types that are not supported by WordPress, then you can still upload them by adding them as a supported file type.
The File Upload Types plugin is the easiest way to fix the “Sorry, this file type is not permitted for security reasons” error. This plugin was co-created by WPBeginner’s founder, Syed Balkhi.
First, you need to install and activate the File Upload Types plugin. For more details, see our step-by-step guide on how to install a WordPress plugin.
Upon activation, go to the Settings » File Upload Types page in your WordPress admin area. Then, simply type your file type into the search box.
Next, check the box next to the file type(s) that you want to enable. This will change the default file type upload settings.
You must then click on the ‘Save Settings’ button at the bottom of the screen to store your changes.
Now, go ahead and return to the media library.
You will be able to add your file(s) without getting an error message.
Option 3: Allow New SVG File Types Using WPCode
You can also manually specify which file types are allowed to be uploaded on your WordPress website. However, it can be dangerous to edit your site’s files directly because small mistakes can cause big WordPress errors.
That’s why we recommend using WPCode instead. WPCode is the best WordPress code plugin that allows you to insert code snippets into your website without directly editing your theme’s functions.php file.
WPCode has a code snippet specifically for allowing SVG file uploads. You can see more in our guide on how to add SVG image files in WordPress.
Option 4: Edit Your wp-config.php File (Advanced)
This method is the most advanced of all the ones we’ve listed, and we only recommend it if none of the above options have worked to upload your custom file types.
We also strongly suggest backing up your WordPress website using a plugin like Duplicator before following this tutorial to prevent further errors.
This method requires editing your wp-config.php file. For more information, you can check out our guide on how to edit your wp-config.php file in WordPress.
Once you open the file, find the line that says /* That's all, stop editing! Happy publishing. */ or /* That's all, stop editing! Happy blogging. */ . Then, copy and paste the following code right above that line:
define('ALLOW_UNFILTERED_UPLOADS', true);
After that, save the file and try uploading your media or document again. If this method is successful, then go back to the wp-config.php file and remove this line.
This code prevents users from uploading file formats that could harm your site. By disabling these filters, you’re opening your site to potential security vulnerabilities like malware uploads, so you should use this method with caution.
Learn More Ways to Solve Common WordPress Errors
Are you experiencing other errors on your WordPress website? Check out these guides to fix the most common WordPress errors:
- How to Fix the 500 Internal Server Error in WordPress
- How to Fix ‘The Site Is Experiencing Technical Difficulties’ in WordPress
- How to Fix the Syntax Error in WordPress
- How to Fix the Error Establishing a Database Connection in WordPress
- How to Fix the WordPress White Screen of Death (Step by Step)
- How to Fix WordPress Posts Returning 404 Error (Step by Step)
- How to Fix the Sidebar Below Content Error in WordPress
We hope this article helped you learn how to fix the “Sorry, this file type is not permitted for security reasons” error in WordPress. You may also want to see our list of the most common WordPress block editor problems and our guide on how to fix 403 forbidden error in WordPress
If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.
Jiří Vaněk
Like everyone else, I struggled with SVG files in WordPress when I wanted to use new icons for Elementor, and WordPress refused to upload these files. WP Code works like magic, and now I can finally use the new set of icons because, thanks to you, I can upload them to WordPress without any problems.
Mrteesurez
Thanks but to clear the doubt.
Meaning File upload plugin is sufficient for me to upload SVG too or Do is till need to use code to make it work ?
WPBeginner Support
You would only need the plugin to have it work properly
Admin
Mrteesurez
Ok, welldone for crafting this useful plugin, I am using it to allow SVG on my site as I heard how SVG images works and I like it. Thanks for your reply.
Gabriel
I want to upload a .epub file. I installed the plugin, checked the “.epub” box, and I’m still getting the error.
WPBeginner Support
If the plugin is having issues, please reach out to the support on the plugin’s page for them to take a look and assist with any specific issues with your site.
Admin
Annette
Hi, I got this error when trying first time to upload an m4a-file, so I converted the file to mp3 and it could be uploaded. I uploaded two more mp3’s. Next time I logged in and tried to upload an mp3-file, I got that error as well. I can see in this turorial that even m4a should have been accepted. I checked the spelling, even eliminated spaces from the filename. What else could be wrong?
Thanks for a good tutorial series, yours are often the most valuable answers when I need to search around.
WPBeginner Support
You would likely need to check with your host to ensure this isn’t a limitation that was set on their end.
Admin