Are you seeing the ‘Sorry, this file type is not permitted for security reasons’ error in WordPress?
You can upload most common file types in WordPress without any errors. However, you may see this error if the file type is not supported by WordPress.
In this article, we will show you how to easily fix the ‘Sorry, this file type is not permitted for security reasons’ error in WordPress.
What Causes the “Sorry, This File Type Is Not Permitted for Security Reasons” Error?
The error “Sorry, this file type is not permitted for security reasons” appears when you try to upload a file type that WordPress does not support.
You may have seen this error message appear when trying to add a new file to your Media Library.
For security reasons, WordPress restricts the file types you can upload through your WordPress admin dashboard. The permitted file types include all common images, video, document, and audio formats.
However, it is not as convenient as using the built-in WordPress media library.
So, let’s take a look at how to fix the “Sorry, this file type is not permitted for security reasons” error in WordPress. You can use the links below to jump to the different solutions.
Check and Fix the File Type Extension Spelling
If you are trying to upload a common file type that you have previously uploaded without seeing this error, then you have likely misspelled the file extension.
A file extension is the 3 or 4-letter file type suffix that appears at the end of file names on your computer.
For instance, an image file may be named holidayphoto.png, where holidayphoto is the file name and png is the extension.
These extensions are used by many programs and applications, including WordPress, to recognize file types.
Here are the default WordPress file types and extensions:
Images: .png, .gif, .jpg, .jpeg, .ico, .webp
Documents: .pdf, .doc, .docx, .xls, .xlsx, .ppt, .pptx, .pps, .ppsx, .odt, .psd
Audio: .wav, .mp3, .m4a, .ogg
Video: .mp4, .m4v, .mpg, .mov, .wmv, .avi, .ogv, .3gp, .3g2
When you get this error, the first thing we recommend is checking the file extension to make sure it is correct. Sometimes, you may accidentally delete a file name extension or mistype it while editing or saving a file on your computer.
On Windows 10 and 11, you can easily check file extensions. Simply open the folder that contains your file and click on the ‘View’ link at the top of the window. From here, simply check the ‘File name extensions’ box.
After checking that box, you will now see the extension after the file names.
In the example below, you can see that it is a JPG image.
Note: This will show the extension for all files on your computer, not just the ones in this folder.
Mac users can view file extensions by opening the Finder app and going to Finder » Preferences in the top menu.
This will bring up the Preferences popup, where you need to click on the ‘Advanced’ tab and make sure that the box next to the ‘Show all filename extensions‘ option is checked.
Now that you can view the file name extensions, find the file you were trying to upload and make sure it has the correct extension.
If the extension is incorrect, then you can simply right-click and select the ‘Rename’ option to change the file name and add the correct extension.
Allow New File Types in WordPress With the File Upload Types Plugin
If you are uploading a file type that is not supported by WordPress, then you can still upload it by adding it as a supported file type.
Upon activation, go to the Settings » File Upload Types page in your WordPress admin area. Then, simply type your file type into the search box.
Next, check the box next to the file type(s) that you want to enable.
You must then click on the ‘Save Settings’ button at the bottom of the screen to store your changes.
Now, go ahead and return to the media library.
You will be able to add your file(s) without getting an error message.
Allow New File Types Using WPCode
You can also manually specify which file types are allowed to be uploaded on your WordPress website. However, it can be dangerous to edit your site’s files directly because small mistakes can cause big WordPress errors.
That’s why we recommend using WPCode instead. WPCode is the best WordPress code plugin that allows you to insert code snippets into your website without directly editing your functions.php file.
WPCode has a code snippet specifically for allowing SVG file uploads. You can see more in our guide on how to add SVG image files in WordPress.
Keeping Your WordPress Site Secure When Permitting Additional File Types
The reason WordPress blocks many file types is to help keep your WordPress website secure.
When you enable additional file types, we strongly advise taking some security measures to protect your WordPress website.
- Restrict non-registered users, so they can only upload the file types that they need to upload. The best way to do this is with a file upload form.
- Use a WordPress security plugin to monitor your site for vulnerabilities.
- Regularly scan your WordPress site for potentially malicious code.
- Consider limiting the size of uploaded files to stop users from uploading large files that may contain malware.
- Add user activity logging so that you have records of which user uploaded which file.
We hope this article helped you learn how to fix the “Sorry, this file type is not permitted for security reasons” error in WordPress. You may also want to see our expert picks for the must-have WordPress plugins for your website and bookmark our ultimate guide on how to fix the most common WordPress errors.