How to Resolve “File Type Not Allowed for Security Reasons” in WORDPRESS

As a WordPress user, the time will come when you will need to upload some types of files to your site.

You may be creating a website that allows users to download files, or you may want to add an incentive gift to your email signup form.

However, you will soon find that WordPress really doesn’t like it when you upload specific file types. If you try to upload a file that WordPress doesn’t like, you will get an error saying “Sorry, this file type is not allowed for security reasons”

How to Resolve “File Type Not Allowed for Security Reasons” in WORDPRESS

Fortunately, there is an easy solution to this problem and we will walk you through it step by step.

How to Resolve “File Type Not Allowed for Security Reasons” in WordPress

First of all, this is a common mistake for most bloggers and WordPress users. So don’t be scared or panic. The problem can also be easily fixed.

The WordPress system itself is responsible for this error. Although WordPress is a content management system, it still has a very strict filtering system to accept only a few selected file types on the system.

And when trying to upload a file that is not in the list of supported WordPress files, you will encounter the error “Sorry, this file type is not allowed for security reasons.”

What Causes This Error?

As you know, there are many different types of files used by different types of applications. For example, .AI is a very common file type used by Adobe Illustrator.

This file type is widely used by designers and illustrators to save and share their work.

However, don’t be surprised if you get a “Sorry, this file type is not allowed for security reasons” error when trying to upload a .AI file to WordPress because the file type is not in the list of supported WordPress files.

Allowed File Types

This is the complete list of allowed WordPress file types by default:

Pictures :

  • .jpg
  • .jpeg
  • .png
  • .gif
  • .ico

Documents :

  • .pdf (Portable Document Format; Adobe Acrobat)
  • .doc.docx (Microsoft Word)
  • .ppt.pptx.pps.ppsx (Microsoft PowerPoint)
  • .odt (OpenDocument Text)
  • .xls,  .xlsx(Microsoft Excel)
  • .psd (Adobe Photoshop)

Audio :

  • .mp3
  • .m4a
  • .ogg
  • .wav

Video :

  • .mp4.m4v (MPEG-4)
  • .mov (QuickTime)
  • .wmv (Windows Media Video)
  • .avi
  • .mpg
  • .ogv (Ogg)
  • .3gp (3GPP)
  • .3g2 (3GPP2)

How to Solve Using Mime Type Plugin

There are several mime type plugins that help you add your own file types to the list of supported WordPress files, such as Pro Mime Types, Extended Mime Types, and  Unsafe Mimetypes. Unfortunately, most of these plugins are out of date.

In our tutorial,we will use the  WP Add Mime Types plugin as it has been updated to support the latest versions of WordPress. Feel free to try a different plugin if you prefer.

Add the WP Add Mime Types Plugin

To install the plugin, log in to your WordPress dashboard and go to Plugins> Add New.

Search for the WP Add Mime Types plugin and click the install and enable buttons to enable the plugin.

Customize Plugin with File Types

After installation, a new menu will be added to your WordPress panel under Settings> Mime Type Settings.

On this page, you can add certain types of files to add them to the WordPress system.

Search for the type of file you want to add, copy and paste it into the Add Values box .

Be sure to copy the entire line related to the file type extension you are trying to add.

Then click the Save button to save the changes. When the file type is enabled, it will be highlighted in red in the list.

The only problem with this method is that even MIME type plugins have limits when it comes to adding certain file types.

For example, the plugin does not allow the upload of .AI files.

But, the second method we are going to show now lets you avoid this problem and load any desired file.

How to Resolve Editing the WP-Config.php File

WP-Config.php is a central file used by WordPress that deals with many of the features of WordPress. You can edit this file to disable the system that prevents certain file types from loading. After that, you can upload any desired file type.

Access Your Server

You can access and download the WP-Config.php file using an FTP client or by logging into your server’s cPanel and using File Manager .

Browse to the public folder where your WordPress site is hosted and where all the main WordPress files are located.

Edit the WP-Config.php File

Then open and edit the WP-Config.php file with your favorite text editor:

After opening the file, just search for / * That’s all, stop editing! Happy blogging * / or / * That’s all, you can stop editing! 🙂 * /

Then paste the following line of code just above it:

How to Fix Using the upload_mimes Filter

If you want to solve the problem of uploading additional file types to WordPress but being selective and allowing only a controlled subset of file types, the best thing you can do is to use the filter upload_mimes. As always, you have all the information in WordPress Codex.

This filter is super easy to use. You just need to add a piece of code similar to the following to your theme’s functions.php file (preferably child theme to keep track of changes):

Line 2 indicates that the function my_mime_typeswill be performed with the filter upload_mimes.

Lines 3 through 11 define this function. my_mime_typeshas a single parameter ( $mime_types) – the list of allowed file types.

If you want to allow SVG and JSON files in the media library, just add lines 5 and 6 respectively.

Here’s how it works: To add a new file type, simply create a new list entry $mime_typeswith the file extension and the mime type .

To find the appropriate mime type for an extension, go to the official list of media types that the Internet Assigned Numbers Authority (IANA) defines.

On the other hand, you can also disable certain file types. You can prohibit the desired file types by simply unzipping their matrix entries $mime_types, as I did on lines 8 and 9, where I disabled upload of Microsoft Excel files.

Does the problem still persist?

The above methods should do the trick to help you upload almost any type of file you want in WordPress.

However, if you still get the same error, try contacting your hosting provider and seeking help. Some hosts also block some types of files for security reasons.


As you can see here, modifying the default behavior of WordPress to have more control over the types of files allowed in your installation is very simple.

If you enjoyed this article consider sharing on social networks. Follow us on social networks to follow more articles like this. If this article was helpful to you please leave your comment below so we can get your opinion.