Fix Sorry, This File Type Is Not Permitted For Security Reasons WordPress Error ❌
Table of Contents [TOC]
- Fix Sorry, This File Type Is Not Permitted For Security Reasons WordPress Error ❌
- WHAT ARE MIME TYPES?
- Why you see this WordPress error message ?
- MIME Types & File Extensions Supported by WordPress
- Add/Remove a MIME file type
- Add custom mime types to WordPress
- How To Fix “Sorry, this file type is not supported for security reasons error” In WordPress?
- 1.Modifying theme’s functions.php file
- 2. Using WordPress Plugins to Add MIME TYPES
- 3. Editing wp-config.php
- 4. Using WordPress Multisite Settings
- Contact your hosting provider
- Conclusion
- Share this:
- Like this:
- Related
You must have come across This File Type is Not Permitted Error message – ❌ “Sorry, this file type is not Permitted for security reasons.” while uploading images in your WordPress site. This is the message that appears when you try to upload file using the WordPress upload utility, a default forbidden extension for your favorite CMS.
These are some of the most commonly found queries around this WordPress error message.
- images – How do I fix “Sorry, this file type is not permitted for security reasons .svg, .jpg, .ovg, .png?
- Upload file type not permitted even if explicitly registered
- php – How do I get around “Sorry, this file type is not permitted?
- Upload Error – upload_mimes not accepting CSV – WordPress
You have probably already arrived to wish to download a video rather special type of file on WordPress that was not supported by the file manager of your blog. You have probably turned to another solution or you were still looking.
If you want to simplify your life without having to touch your code, You can also use the plugins to add more files extensions, which allows to realize (with an interface) what I am about to describe you throughout this article. Here you will learn more about wp add mime types, why does this WordPress error occurs? & ❌ How to fix “Sorry, This File Type Is Not Permitted For Security Reasons” using plugins.
Firstly, we must know about,
WHAT ARE MIME TYPES?
MIME stands for Multipurpose Internet Mail Extensions. MIME types are used by browsers and other internet devices to determine the type of content associated with a page. For instance, if you have a .png file and a .jpeg file on the page, the browser would know by their MIME types to treat both files as images rather than videos or other file types.
By default, WordPress has a list of registered mime types stored in wp-includes/functions.php. Using the wp_get_allowed_mime_types() function you can get a list of MIME types WordPress recognizes. These files are the file types recognized by WordPress. However, not all MIME types recognized are allowed to be uploaded in the WordPress Admin Dashboard.
Related Post – Fix Error Establishing a Database Connection in WordPress
Why you see this WordPress error message ?
As configured WordPress by default, from the administration area we can upload images, documents such as PDFs, Word, Pages, OpenOffice and even audio, midi and video files to the server. This is the list of most used file extensions that you accept if we have not made any changes. If you need a reference of which MIME types are available web-wide to add, see this comprehensive list. For more information on which files are allowed, See Uploading Files documentation
MIME Types & File Extensions Supported by WordPress
EXTENSION |
MIME TYPE |
.jpg | image/jpeg, image/pjpeg |
.jpeg | image/jpeg, image/pjpeg |
.png | image/png |
.gif | image/gif |
.ico | image/x-icon |
application/pdf | |
.doc | application/msword |
.docx | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
.ppt | application/mspowerpoint, application/powerpoint, application/vnd.ms-powerpoint, application/x-mspowerpoint |
.pptx | application/vnd.openxmlformats-officedocument.presentationml.presentation |
.pps | application/mspowerpoint, application/vnd.ms-powerpoint |
.ppsx | application/vnd.openxmlformats-officedocument.presentationml.slideshow |
.odt | application/vnd.oasis.opendocument.text |
.xls | application/excel, application/vnd.ms-excel, application/x-excel, application/x-msexcel |
.xlsx | application/vnd.openxmlformats-officedocument.spreadsheetml.sheet |
.psd | application/octet-stream |
.mp3 | audio/mpeg3, audio/x-mpeg-3, video/mpeg, video/x-mpeg |
.m4a | audio/m4a |
.ogg | audio/ogg, |
.wav | audio/wav, audio/x-wav |
.mp4 | video/mp4 |
.m4v | video/x-m4v |
.mov | video/quicktime |
.wmv | video/x-ms-asf, video/x-ms-wmv |
.avi | application/x-troff-msvideo, video/avi, video/msvideo, video/x-msvideo |
.mpg | audio/mpeg, video/mpeg |
.ogv | video/ogg |
.3gp | video/3gpp, audio/3gpp |
.3g2 | video/3gpp2, audio/3gpp2 |
Related Post – WordPress Website Maintenance Tasks & Checklist
Other MIME TYPES Recognized by WordPress.
EXTENSION |
MIME TYPE |
.bmp | image/bmp |
.tif | image/tiff |
.tiff | image/tiff |
.asf | video/x-ms-asf |
.asx | video/x-ms-asf |
.wm | video/x-ms-wm |
.wmx | video/x-ms-wmx |
.divx | video/divx |
.flv | video/x-flv |
.qt | video/quicktime |
.mpe | video/mpeg |
.webm | video/webm |
.mkv | video/x-matroska |
.txt | text/plain |
.asc | text/plain |
.c | text/plain |
.cc | text/plain |
.h | text/plain |
.csv | text/csv |
.tsv | text/tab-separated-values |
.ics | text/calendar |
.rtx | text/richtext |
.css | text/css |
.htm | text/html |
.html | text/html |
.m4b | audio/mpeg |
.ra | audio/x-realaudio |
.ram | audio/x-realaudio |
.mid | audio/midi |
.midi | audio/midi |
.wax | audio/x-ms-wax |
.mka | audio/x-matroska |
.rtf | application/rtf |
.js | application/javascript |
.swf | application/x-shockwave-flash |
.class | application/java |
.tar | application/x-tar |
.zip | application/zip |
.gz | application/x-zip |
.gzip | application/x-zip |
.rar | application/rar |
.7z | application/x-7z-compressed |
.exe | application/x-msdownload |
.pot | application/vnd.ms-powerpoint |
.wri | application/vnd.ms-write |
.xla | application/vnd.ms-excel |
.xlt | application/vnd.ms-excel |
.xlw | application/vnd.ms-excel |
.mdb | application/vnd.ms-access |
.mpp | application/vnd.ms-project |
.docm | application/vnd.ms-word.document.macroEnabled.12 |
.dotx | application/vnd.openxmlformats-officedocument.wordprocessingml.template |
.dotm | application/vnd.ms-word.template.macroEnabled.12 |
.xlsm | application/vnd.ms-excel.sheet.macroEnabled.12 |
.xlsb | application/vnd.ms-excel.sheet.binary.macroEnabled.12 |
.xltx | application/vnd.openxmlformats-officedocument.spreadsheetml.template |
.xltm | application/vnd.ms-excel.template.macroEnabled.12 |
.xlam | application/vnd.ms-excel.addin.macroEnabled.12 |
.pptm | application/vnd.ms-powerpoint.presentation.macroEnabled.12 |
.ppsm | application/vnd.ms-powerpoint.slideshow.macroEnabled.12 |
.potx | application/vnd.openxmlformats-officedocument.presentationml.template |
.potm | application/vnd.ms-powerpoint.template.macroEnabled.12 |
.ppam | application/vnd.ms-powerpoint.addin.macroEnabled.12 |
.sldx | application/vnd.openxmlformats-officedocument.presentationml.slide |
.sldm | application/vnd.ms-powerpoint.slide.macroEnabled.12 |
.onetoc | application/onenote |
.onetoc2 | application/onenote |
.onetmp | application/onenote |
.onepkg | application/onenote |
.odp | application/vnd.oasis.opendocument.presentation |
.ods | application/vnd.oasis.opendocument.spreadsheet |
.odg | application/vnd.oasis.opendocument.graphics |
.odc | application/vnd.oasis.opendocument.chart |
.odb | application/vnd.oasis.opendocument.database |
.odf | application/vnd.oasis.opendocument.formula |
.wp | application/wordperfect |
.wpd | application/wordperfect |
.key | application/vnd.apple.keynote |
.numbers | application/vnd.apple.numbers |
.pages | application/vnd.apple.pages |
To improve security and prevent potentially dangerous files from being uploaded to the server, in addition to WordPress restrictions, there may also be limitations on the hosting provider, such as not allowing certain extensions or limited file sizes, thus the error occurs.
Related Post – Remove Google Blacklist Warning Message
Add/Remove a MIME file type
As far as we concerned, we encountered the problem with a sc2replay file (replay of the Starcraft 2 video game). The manipulation is quite simple, it consists of inserting a few lines in the file functions.php, which is normally at the root of your theme (in / wp-content / theme / your-theme /).
If you do not know the mime type of the file extension you want to add, we recommend a little search on Google.
Be careful, keep these lines of codes at hand because when you change the theme of your blog, you will need to insert these lines in the theme you will use.
// function of new_update_mime() add_filter('upload_mimes', 'new_update_mime'); // $existing_mimes from the list exist function non_update_mime ( $existing_mimes = array() ) { $existing_mimes['sc2replay'] = 'application/octet-stream'; return $existing_mimes; } To remove a mime type, you can use unset in your function: unset( $existing_mimes['exe'] );
Add custom mime types to WordPress
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//The following goes in a themes functions file or a custom hooks plugin | |
function custom_upload_mimes ( $existing_mimes ) { | |
$existing_mimes['epub'] = 'application/epub+zip'; | |
$existing_mimes['mobi'] = 'application/x-mobipocket-ebook'; | |
return $existing_mimes; | |
} | |
add_filter('upload_mimes', 'custom_upload_mimes'); |
Related Issue – Fix WordPress Stuck in Maintenance Mode | How to fix “The link you followed has expired” in WordPress?
How To Fix “Sorry, this file type is not supported for security reasons error” In WordPress?
This issue can be fixed by following ways:
- Modifying theme’s functions.php file
- Installing WordPress Plugins
- Editing WP-CONFIG.PHP
- Using multisite settings
1.Modifying theme’s functions.php file
What we want to do is to integrate a field in the WordPress settings (here Settings> Media> Send files) to customize the extensions allowed.
Still, in your theme’s functions.php file, you can insert these lines of code to insert a custom parameter field ‘ext’ (you can later call the function get_option (‘ext’) to get the result of this field.
add_action('admin_init','add_media_field'); function add_media_field() { add_settings_section( 'fichier', __('new fichiers'), 'display_ext', 'media' ); register_setting( 'media', 'ext' ); } function display_ext(){ echo '<input style="width: 85%;" name="ext" value="'.get_option('ext').'" type="text" id="ext" size="30"></input>'; echo __('get it to the point (press space bar, ex: "mp3 doc gif")'); }
To summarize these lines of code add_action (‘admin_init’, ‘add_media_field’) starts the add_media_field () function when the user is in the wp-admin area of Wordpress. The function add_media_field () adds a section (add_settings_section) ‘Sending files’ and is responsible for displaying a section on the right page (Settings> Media) by inserting display_ext (). register_setting (‘media’, ‘ext’) is responsible for registering the ‘ext’ option transmitted by the form.
You can replace the line with add_settings_section with this one if you want to add only one field in an existing section and not an entire section:
add_settings_field( ‘ext’, ‘Extension’, ‘display_ext’, ‘media’, ‘default’, array( ‘label_for’ => ‘ext’ ) );
These few lines allowed us to add an option in the administration. Now, we must always add the types associated with the option ‘ext’ so that we can use the media of WordPress with the extensions you want. For this, we need a special file, including over 600 file extensions and their associated types. Look for and download types-mimes.php_.txt file and put it in the ‘inc’ folder of your theme by renaming it ‘types-mimes.php’.
Now, always in the ‘functions.php’ file of your theme, add this:
add_filter('upload_mimes', 'custom_upload_mimes'); function custom_upload_mimes ($existing_mimes = array()) { $mimetype = new mimetype(); $file_types = get_option('ext'); $variables = explode(' ', $file_types); foreach($variables as $value) { $value = trim($value); if(!strstr($value, '/')) { $mime = $mimetype->privFindType($value); } else { $mime = $value; } $existing_mimes[$value] = $mime; } return $existing_mimes; } class mimetype { function privFindType($ext) { $mimetypes = $this->privBuildMimeArray(); if (isset($mimetypes[$ext])) { return $mimetypes[$ext]; } else { return 'application/octet-stream'; } } function privBuildMimeArray() { require_once('inc/types-mimes.php'); return $types; } }
The custom_upload_mimes () function goes through the list of extensions and uses the mimetype class to associate it with a mime type. If no type is found, the extension takes the mime type ‘application / octet-stream’.
You can also download the below mentioned plugin to fix this ❌ WordPress error message.
Related Post – Best WordPress Security Plugins in 2024
2. Using WordPress Plugins to Add MIME TYPES
Three commonly used plugins include Pro Mime Types, Disable Real MIME Check, WP Add Mime Types or WP Extra File Types, which will both enable WordPress to recognize other file types (like .epub or .mobi files from eBooks).
Pro Mime Types
You can easily fix such errors by using this WordPress plugin. It works for both one and multiple sites.
Here are the necessary steps:
- Install the plugin and activate it.
- Go to Settings -> Mime Type Settings.
Now you have to add the same mime type you want to upload – the extension that is not supported yet. You can find almost all the same types here.
The Mime Type must be added in a specific format. For example, to enable .abiword files to be downloaded, you need to add the following line:
- AbiWord=application/x-abiword
Once you’re done, tap the Save button. The new Mime Type will appear at the bottom of the list, in red.
WP Add Mime Types
This plugin additionally allows the mime types and file extensions to WordPress. In other words, your WordPress site can upload various file extensions.
Disable Real MIME Check
Many users after updating the engine to WordPress 4.7.1 encountered the problem of the impossibility of downloading to the site any files other than images. When you try to download a regular .doc file to the site, the engine displays the message:
“Sorry, the type of this file is not permitted for security reasons.”
The problem did not affect all the users of the engine, but quite a few. This is an officially registered bug that should be fixed in version 4.7.2 . But what if you need to download files right now? You can use the small Disable Real MIME Check plug-in that solves this problem.
Download the plugin and install it:
1 Unpack the archive.
2 Copy the disable-real-mime-check folder to / wp-content / plugins / .
3 Go to the site admin panel on the ” Plugins ” tab and activate the plugin.
And it’s all. After activating the plugin, downloading any file types will be restored. In fact, the plugin installation can be replaced with a small code that you will need to insert into the functions.php file of your theme:
function wph_disable_mime_check ( $ data , $ file , $ filename , $ mimes ) { $ wp_filetype = wp_check_filetype ( $ filename , $ mimes ) ; $ ext = $ wp_filetype [ 'ext' ] ; $ type = $ wp_filetype [ 'type' ] ; $ proper_filename = $ data [ 'proper_filename' ] ; return compact ( 'ext' , 'type' , 'proper_filename' ) ; } add_filter ( 'wp_check_filetype_and_ext' , 'wph_disable_mime_check' , 10 , 4 ) ;
But the plugin, of course, is more convenient, since it does not require manual editing of the theme files.
Related Post – How to Backup WordPress Database Manually + Plugins
3. Editing wp-config.php
The file “wp-config.php” is located in the root directory of your WordPress installation, in the same place as the ” wp-admin,” ” wp-includes ” and ” wp-content ” folders. The file contains a lot of information necessary for WordPress to work. If this file is not installed correctly, WordPress will not work, which means that your site will be unavailable or inaccurate data may even destroy your installation.
To allow each type of file, all you need to do is:
- Log in to your website using an FTP client or File Manager.
- Navigate to the WordPress installation directory and search for the wp-config.php file. Edit it.
- Paste the following line of code anywhere above the line that says ” That’s all, stop editing!” Happy blogging ‘:
define(‘ALLOW_UNFILTERED_UPLOADS’, true);
Related Issue – WordPress Upload Failed To Write File To Disk Error | WordPress HTTP Image Upload Error
4. Using WordPress Multisite Settings
In WordPress Multisite you can add the file type that you want to upload in the “Upload file types” option in network admin area.
Network Admin Area -> Settings -> Upload Settings
Contact your hosting provider
If you have already tried all the steps mentioned above and nothing seems to work for you, it may be useful to contact your hosting provider. Sometimes, hosting providers limit certain file formats to provide some security, and they can better guide you through that.
Also Read – “This Account Has Been Suspended” – WordPress Down[Fix]
Conclusion
The WordPress error Sorry, this type of file is not Permitted because of security reasons is troublesome. But, you can still fix it by following the above given steps. We hope that the tutorial was easy to follow and that it guided you successfully through the resolution of this problem.
WP Hacked Help probably remains one of the best WordPress malware scanners to improve security on WordPress. It can both play a preventive role and a curative role, helping you locate files affected by the hacking. Please refer to our posts on Best WordPress Security Plugins in 2024 & How to Secure Your WordPress Site in 2024
If you have any questions, our experts would be happy to answer them.
Other Popular Articles
- How to Fix ERR_SSL_PROTOCOL_ERROR on Google Chrome
- Best WordPress Staging Plugins 2024
- How to Block Countries In WordPress Using IP Address?
- How To Restore WordPress Site From Backup – GUIDE [2024]
- WordPress Security Headers Guide – 2024
- How to Fix “The site ahead contains harmful programs” Chrome