fbpx

How to Fix “Sorry, This File Type Is Not Permitted for Security Reasons” Error in WordPress

Are you seeing ‘Sorry, this file type is not permitted for security reasons’ error in WordPress?

You can upload most common file types in WordPress without any error. However, you may see this error if the file type is not supported by WordPress.

In this article, we will show you how to easily fix ‘Sorry, this file type is not permitted for security reasons’ error in WordPress.

What Causes the “Sorry, This File Type Is Not Permitted for Security Reasons” Error?

The error “Sorry, this file type is not permitted for security reasons” appears when you try to upload a file type that WordPress does not support.

You may have seen this error message appear when trying to add a new file in your Media Library.

Uploading a file in Media Library that shows the file not permitted security message

For security reasons, WordPress restricts the file types you can upload through your WordPress admin. The permitted file types include all common images, video, document, and audio formats.

One solution to fix this problem is to upload the files through FTP or your WordPress hosting file manager section.

However, it is not as convenient as using the built-in WordPress media library.

So let’s take a look at how to fix the “Sorry, this file type is not permitted for security reasons” error in WordPress.

  • Check and fix file type extension spelling
  • Allow new file types in WordPress with File Upload Types plugin
  • Keeping your website secure when allowing additional file types

Check and Fix the File Type Extension Spelling

If you are trying to upload a common file type that you have previously uploaded without seeing this error, then it is likely that you have misspelled the file extension.

A file extension is the 3 or 4 letter filetype suffix that appears at the end of file names on your computer. For instance, an image file may be named holidayphoto.png where holidayphoto is the file name and png is the extension.

These extensions are used by many programs and applications including WordPress to recognize file types. Following are the default file types and extensions allowed by WordPress:

Images: .png, .gif, .jpg, .jpeg, .ico
Documents: .pdf, .doc, .docx, .xls, .xlsx, .ppt, .pptx, .pps, .ppsx, .odt, .psd
Audio: .wav, .mp3, .m4a, .ogg
Video: .mp4, .m4v, .mpg, .mov, .wmv, .avi, .ogv, .3gp, .3g2

Tip: Although you can upload videos to WordPress, we always recommend uploading your videos to a video hosting site instead. This helps protect your website’s speed and performance.

When you get this error, the first thing we recommend is checking the file extension to make sure it is correct. Sometimes, you may accidentally delete a file name extension or mistype it while editing or saving a file on your computer.

On Windows 10, you can easily check file extensions. Simply open the folder that contains your file and click on the ‘View’ link at the top of the window. From here, you need to check the ‘File name extensions’ box.

Setting file extensions to display after your filenames

After checking that box, you will now see the extension after file names.

The file extension is now displaying

Note: This will show the extension for all files on your computer, not just the ones in this folder.

Mac users can view file extensions by opening the Finder app and going to Finer » Preferences from the top menu.

Show file extension on Mac

This will bring up the Preferences popup where you need to click on the ‘Advanced’ tab and make sure that the box next to ‘Show all filename extensions’ option is checked.

Now that you can view the file name extensions, locate the file you were trying to upload and make sure it has the correct extension.

If the extension is incorrect, then you can simply right-click and select the ‘Rename’ option to change the file name and add the correct extension.

Allow New File Types in WordPress with the File Upload Types Plugin

If you are uploading a file type that is not supported by WordPress, then you can still upload it by adding it as a supported file type.

The File Upload Types plugin is the easiest way to fix the “Sorry, this file type is not permitted for security reasons” error. This was co-created by WPBeginner’s founder, Syed Balkhi.

First, you need to install and activate the File Upload Types plugin. For more details, see our step by step guide on how to install a WordPress plugin.

Upon activation, go to the Settings » File Upload Types page in your WordPress admin area. Then, simply type your file type into the search box.

Search for the file type you want to enable

Next, check the box next to the file type(s) that you want to enable and click on the ‘Save Settings’ button at the bottom of the screen to store your changes.

Enabling your chosen file type in File Upload Types

Now, go ahead and return to the media library. You will be able to add your file(s) without getting an error message.

Successfully uploading your file without getting a security error message

Keeping Your WordPress Site Secure When Permitting Additional File Types

The reason WordPress blocks many file types is to help keep your WordPress website secure.

When you enable additional file types, we strongly advise that you take some security measures to protect your site.

You should:

  • Restrict non-registered users, so they can only upload the file types that they need to upload. The best way to do this is with a file upload form.
  • Use a WordPress security plugin to monitor your site for vulnerabilities.
  • Regularly scan your WordPress site for potentially malicious code.
  • Consider limiting the size of uploaded files to stop users from uploading large files that may contain malware.
  • Add user activity logging, so you have records of which user uploaded which file

Leave a Reply

Your email address will not be published. Required fields are marked *