How to Fix “Sorry, This File Type Is Not Permitted for Security Reasons” Error in WordPress

One day, while working on my WordPress site, I encountered an error message that read, “Sorry, This File Type Is Not Permitted for Security Reasons.” This was inconvenient because I had to upload a file that was necessary for the site’s work. The WordPress system blocks some file types by default to eliminate possible risks.

This error states that the type of file you are uploading is not permitted. When you understand why WordPress has implemented certain limitations, you are well-positioned to address the solutions offered. 

If you operate a WordPress website, you may be faced with an error message. Such issues can be annoying when, for example, you are trying to upload a file, which is crucial for the site’s running. WordPress has a default setting that prevents some file types from uploading due to security risks.

A self-hosted WordPress is a savior in such situations, offering greater control and flexibility to address these issues. Understanding why these restrictions exist makes it easier to find solutions.

Common Causes of the Error

The primary reason for this error is WordPress’s default file type restrictions. These restrictions protect your site from potential security risks associated with certain file types. 

In my case, it was a simple SVG file that WordPress didn’t recognize as safe. Other contributing factors might include server configurations and specific security settings on your site, which may require you to fix the “sorry, you don’t see the file” error. 

Ensure these settings include permissions for uploading file types in WordPress. WordPress has built-in security measures that restrict certain file types to prevent potential threats. Such situations can often result in the ‘Sorry. This File Type Is Not Permitted for Security Reasons’ error when trying to upload less common or potentially unsafe files.

Security Settings

Security plugins or settings within your WordPress installation can further restrict the types of files that can be uploaded, contributing to the error. Server settings or configurations, such as those in your .htaccess file or MIME-type settings, can restrict specific file uploads. Misconfigurations or stringent security settings at the server level might cause this error.

.File Size Restrictions

This error may occur because the individual file type is blocked by server settings or WordPress settings if it is allowed for large file-size uploads. Similarly, it may also be caused by the WordPress plugin no longer supported by the current version or flawed security settings.

How to Fix “Sorry, This File Type Is Not Permitted for Security Reasons” Error in WordPress | Solutions to Fix the Error

1. Modify the wp-config.php File

One of the quickest ways to bypass this restriction is to modify the wp-config.php file. Adding the following line of code will help you upload any file type without limitations by enabling unfiltered uploads:

define(‘ALLOW_UNFILTERED_UPLOADS’, true);

I added this line to the wp-config.php file in my WordPress installation’s leading directory. Making these changes allowed me to upload any file type I needed. After saving the changes, I could upload the file without any issues.

However, this method poses significant security risks, as it allows any file type to be uploaded. Use this method with caution and consider other more secure options first. The “white screen of death” is a standard WordPress error. This issue often occurs due to PHP errors, plugin conflicts, or exhausted memory limits. If you need further assistance with troubleshooting, you might also want to learn how to address the WordPress white screen of death error.

2. Use a Plugin to Manage File Types

Several plugins can help manage and allow additional file types without compromising security. I found this method to be both secure and user-friendly.

WP Extra File Types Plugin

This plugin allows you to add custom file types easily. Here’s how I did it:

1. Please install and Activate the Plugin. I searched for and installed the WP Extra File Types plugin in the WordPress plugin repository.
2. Configure the Plugin: I navigated to Settings > Extra File Types after activation. Here, I could add the file types I wanted to allow, like SVG and ZIP files, and then save the changes.

This secure solution allowed me to manage file types through an easy-to-use interface.

File Manager Plugins

File manager plugins are typically more developed as they offer a way to manage a site’s files directly from the WordPress panel.

I used WP File Manager for this purpose. It provided a graphical interface for file management, making it easier to handle uploads and permissions without delving into server directories.

3. Update the Functions.php File

Another method to allow additional file types is manually adding an MIME type to your theme’s functions.php file.

Here’s how I did it:

1. Access the Functions.php File: I opened the theme’s functions.php file via the WordPress dashboard or an FTP client.
2. Add the MIME Types: I added the following code snippet to allow SVG and ZIP files:
   function my_custom_mime_types($mimes) { $mimes[‘svg’] = ‘image/svg+xml’; $mimes[‘zip’] = ‘application/zip’; return $mimes; } add_filter(‘upload_mimes’, ‘my_custom_mime_types’);

1. Save and Upload: After saving the changes, I was able to upload the previously restricted file types without any issues.

This method lets you specify which MIME types should be permitted for uploads.

4. Adjust Server Settings

Modifying server settings can also resolve this issue. This process involves making changes to your .htaccess file or server configuration files to allow specific MIME types.

.htaccess File Modifications

I added MIME types to my .htaccess file to permit uploads:

AddType application/zip .zip

AddType image/svg+xml .svg

This method ensures that the server recognizes and allows these file types.

Server MIME Type Configurations

For more advanced users, modifying the server configuration (e.g., on Apache or Nginx) to include the necessary MIME types can resolve the problem. I edited the server configuration file to add the required MIME types, ensuring my server could handle the file formats I needed.

5. Utilize WordPress Multisite Configuration (if applicable)

If you’re using WordPress Multisite, you can enable specific file types across your network by adjusting the network settings.

1. Access Network Settings: I visited My Sites > Network Admin > Settings.
2. Modify Upload Settings: I scrolled down to Upload Settings and added the file extensions I wanted to allow across the network.

This method ensures consistency across all sites in the network. Each site can then upload any permitted file type.

Security Considerations

The improvement in performance and reliability has been impressive, especially after resolving the below-mentioned issues.

• Audit Uploaded Files Regularly: I regularly check the files uploaded to my site to ensure that no malicious files are present.
• Keep WordPress and Plugins Updated: Ensuring my WordPress installation and plugins are up-to-date helps mitigate security vulnerabilities.
• Implement Strong Security Measures: To protect my site from threats, I use firewalls and malware scanners, and behind that, I have DDoS-protected hosting. Additionally, checking permitted file types can enhance security.

These practices help maintain a balance between functionality and security.

Advanced Fixes

If the essential solutions don’t work, consider these advanced fixes:

Disable Antivirus/Firewall

Antivirus and firewall software can sometimes block certain file types. Temporarily turning these off can help determine if they are causing the problem.

• Windows:
  
  1. Access Windows Security: I opened the Start menu and searched for “Windows Security.”
  2. Turn off the Firewall to resolve any issues related to file upload types.: I navigated to “Firewall & network protection,” selected my active network, and turned off the firewall. After this, I checked if the error persisted.
• macOS:
  
  1. Access Security & Privacy in your WordPress admin.: I went to System Preferences > Security & Privacy.
  2. Disable Firewall: I selected the “Firewall” tab and turned off the firewall.

Performing this check helped me determine if my security software was interfering with the upload process.

Reset TCP/IP

Resetting the TCP/IP stack can resolve network configuration issues that might be causing the file upload error.

Windows:

1. Open Command Prompt: I opened Command Prompt as an administrator.
2. Reset TCP/IP: I entered netsh int ip reset and pressed Enter. After restarting my computer, the network configuration was reset.

MacOS:

1. Access Network Settings: I went to System Preferences > Network.
2. Renew DHCP Lease: I selected my network, clicked “Advanced,” navigated to the TCP/IP tab, and clicked “Renew DHCP Lease.”

These steps helped refresh the network settings, resolving any underlying issues.

Check Hosts File

Issues can occur if the host file is misconfigured and you override DNS with it. To avoid conflict, confirm that your server accepts only the right file types in WordPress.

Windows:

1. Access Hosts File: I navigated to C:\Windows\System32\drivers\etc\hosts.
2. Edit Hosts File: Using a Text editor, I checked for any incorrect entries that might be causing the issue. Next, I tried to upload a file to WordPress to verify the fix.

MacOS/Linux:

1. Open Terminal: I opened Terminal and entered sudo nano /etc/hosts to edit your wp-config.php file.
2. Edit Hosts File: I verified for having wrong entries and changed them as needed. If you still face any such error, you should learn how to resolve the ERR_CONNECTION_REFUSED error.

Conclusion

However, the annoying message stating “Sorry, This File Type Is Not Permitted for Security Reasons” in WordPress can be resolved. Well, it is essential to know the common problems that cause this issue and that with their correct solutions, one can easily upload the required files without any hassles or risks of a website. For example, when you need to solve the ‘sorry you don’t see the file’ issue on your Mac OS X, you should only use secure methods for a task and do a security audit on your site constantly.