Menu

All help articles

Fix “Sorry, this file type is not permitted for security reasons” error in WordPress

Updated on April 10th, 2024

Sometimes when you try to upload a file to WordPress, you’ll see this error: “Sorry, this file type is not permitted for security reasons.”  Or if you’re using the latest version of WordPress, the error message may say, “Sorry, you are not allowed to upload this file type.”

This usually occurs because the file’s MIME type (also called “Media type”) is restricted from upload due to default WordPress settings.

Luckily, there are several ways to authorize additional file types for upload.

MIME types explained

MIME stands for Multipurpose Internet Mail Extensions. MIME types are used by browsers and other internet devices to determine the type of content associated with a page.

For instance, if you have a .png file and a .jpeg file on a page, the browser would know by their MIME types (not their file extension) to treat both files as images, rather than videos or other file types.

By default, WordPress stores a list of registered MIME types in wp-includes/functions.php. However, not all MIME types recognized are allowed to be uploaded in the WordPress admin dashboard.

File types supported by default

Images .jpg
.jpeg
.png
.gif
.ico
Documents .pdf (Portable Document Format; Adobe Acrobat)
.doc, .docx (Microsoft Word Document)
.ppt, .pptx, .pps, .ppsx (Microsoft PowerPoint Presentation)
.odt (OpenDocument Text Document)
.xls, .xlsx (Microsoft Excel Document)
.psd (Adobe Photoshop Document)
Audio .mp3
.m4a
.ogg
.wav
Video .mp4, .m4v (MPEG-4)
.mov (QuickTime)
.wmv (Windows Media Video)
.avi
.mpg
.ogv (Ogg)
.3gp (3GPP)
.3g2 (3GPP2)

To allow uploading of file types not listed above, there are a few ways to get around the restrictions.

Authorize uploads for additional MIME types using a plugin

We recommend WP Extra File Types. Setup is really simple, just click the file types you want to allow and save your changes.

Other plugin options include:

Authorize uploads for additional MIME types via functions.php

If you’re code-savvy, you can add the requirements to the active theme’s functions.php file. The example below can be modified for the file types you want to allow:

function my_theme_custom_upload_mimes( $existing_mimes ) { 
// Add webm to the list of mime types. 
$existing_mimes['webm'] = 'video/webm';
// Return the array back to the function with our added mime type.
return $existing_mimes;
}
add_filter( 'upload_mimes', 'my_theme_custom_upload_mimes' );

Allow unfiltered uploads via wp-config.php

All uploads can be authorized with the addition of the following line to the site’s wp-config.php file:

define('ALLOW_UNFILTERED_UPLOADS', true);

It’s important to note that this allows all file types to be uploaded by administrator-level users. It’s best practice to add file types as needed.

Note

Since Flywheel restricts editing the WordPress core, including wp-config.php, please reach out to our support team to perform this change.

Configure multisite upload settings

If you are developing a multisite, you can edit MIME types directly from the multisite settings, no plugins or coding required!

  1. From the WordPress admin area, navigate to Network Admin > Settings > Network Settings
  2. Scroll down to Upload Settings and add or remove file types from the Upload file types field.

Need help?

If you have any questions our Happiness Engineers are here to help!

Was this article helpful?

Yes No
or contact Support

Getting Started

New to Flywheel? Start here, we've got all the information you'll need to get started and launch your first site!

View all

Account Management

Learn all about managing your Flywheel user account, Teams and integrations.

View all

Billing

Everything about billing, invoices and payments can be found here.

View all

Features

Flywheel hosting plans include a ton of great features. Learn about how to get a free SSL certificate, set up a staging site, and more!

View all

Platform Info

All the server and setting info you'll need to help you get the most out of your Flywheel hosting plan!

View all

Site Management

Tips and tricks for managing your sites on Flywheel, including going live, troubleshooting issues and migrating or cloning sites.

View all

Developer Hub

Learn how to connect, deploy, and more with SSH on Flywheel's platform.

View all

Growth Suite

Learn more about Growth Suite, our all-in-one solution for freelancers and agencies to grow more quickly and predictably.

View all

Managed Plugin Updates

Learn more about Managed Plugin Updates, and how you can keep your sites up to date, and extra safe.

View all

Local

View the Local help docs

 

Flywheel help

Help is just a click away! Log into Flywheel dashboard to instantly chat with an expert, respond to a ticket, or follow along with in-depth documentation. We happily offer support 24 hours a day, 7 days a week, 365 days a year!

Log in

Try Flywheel today

Launch your next site on WordPress in minutes.

 Free migrations  24/7/365 support  14 day demo sites
Get started
Features
Flywheel for
Resources
Company
Customers

© 2013–2024 WPEngine, Inc. All rights reserved.
WP ENGINE®, VELOCITIZE®, TORQUE®, EVERCACHE®, and the cog logo service marks are owned by WPEngine,Inc. | Privacy Policy

1WP Engine is a proud member and supporter of the community of WordPress® users. The WordPress® trademarks are the intellectual property of the WordPress Foundation, and the Woo® and WooCommerce® trademarks are the intellectual property of WooCommerce, Inc. Uses of the WordPress®, Woo®, and WooCommerce® names in this website are for identification purposes only and do not imply an endorsement by WordPress Foundation or WooCommerce, Inc. WP Engine is not endorsed or owned by, or affiliated with, the WordPress Foundation or WooCommerce, Inc.