How to fix “this file type is not permitted for security reasons” in WordPress

Home » PHP » How to fix “this file type is not permitted for security reasons” in WordPress
December 9, 2015 PHP No Comments

In WordPress, files with certain extensions (e.g., .exe, .bz2, .zip) are forbidden to upload to the media library for security reasons. This security feature is known as “filtered upload.” In some cases, however, you may want to override this default security policy, and allow some file types which are otherwise blacklisted. In fact, there are ways to disable or customize file type blacklist in WordPress.

Allow All File Types in File Upload

If you want to turn off filtered upload policy altogether, so that you can upload arbitrary types of files to WordPress, do the following.

Open wp-config.php of your WordPress site with any text editor, and add the following line somewhere in the file.

1
define('ALLOW_UNFILTERED_UPLOADS', true);

This will turn off file-type filter during file uploading on WordPress.

Enable File Upload for a Specific File Type

If you want to be able to upload files with a specific file extension which is otherwise blocked by default, add the following code in functions.php of your WordPress theme.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
function enable_extended_upload ( $mime_types =array() ) {
// The MIME types listed here will be allowed in the media library.
// You can add as many MIME types as you want.
$mime_types['gz'] = 'application/x-gzip';
$mime_types['zip'] = 'application/zip';
$mime_types['rtf'] = 'application/rtf';
$mime_types['ppt'] = 'application/mspowerpoint';
$mime_types['ps'] = 'application/postscript';
$mime_types['flv'] = 'video/x-flv';
// If you want to forbid specific file types which are otherwise allowed,
// specify them here. You can add as many as possible.
unset( $mime_types['exe'] );
unset( $mime_types['bin'] );
return $mime_types;
}
add_filter('upload_mimes', 'enable_extended_upload');

LEAVE A COMMENT