How to Fix “Sorry, this file type is not permitted for security reasons”

This error occurred in our WordPress Newsletter plugin and our users started reporting it so we had to resolve the problem. We released version 4.6.5.2 of our Newsletter plugin in the meanwhile which has a workaround included for the error. So if the issue is in our plugin, please update it else continue reading if you are experiencing the problem/error in a different area.

UPDATE: There is currently a known issue with the allowed mime types in WordPress 4.7.1 and a bug has been logged for this. It seems like WordPress 4.7.2 will be released shortly to address the problem but in the meanwhile, use #2 in this article or the Disable Real Mime Check plugin.

WordPress filters the file types which users can upload through the media uploader and other areas of the dashboard. See the Uploading Files documentation in the WordPress for more information on which files are allowed.

If you try to upload a file which is not allowed, you will be presented with a “Sorry, this file type is not permitted for security reasons” error message but this error can be fixed easily if you have to upload a specific file which is not allowed.

How to Fix the File Type is Not Permitted Error

Here are several ways to fix the “Sorry, this file type is not permitted for security reasons” error message in WordPress. Pick one of the options below which suits you best to resolve the problem:

1. Using a WordPress Plugin

There are several WordPress plugins which you can simply install to fix the problem. Each plugin has it’s own configuration or settings though some of them do it the same way using the upload_mimes filter hook as mentioned in #3 below. Here are some plugins you can use:

• WP Add Mime Types
• Pro Mime Types
• Mime Types Plus
• Mime Types Extended
• Unsafe Mime Types

2. Add ALLOW_UNFILTERED_UPLOADS constant to wp-config.php

Open the wp-config.php file of your WordPress installation and above the line where it says /* That's all, stop editing! Happy blogging. */ add the following code anywhere:
define('ALLOW_UNFILTERED_UPLOADS', true);

For easy editing of the wp-config.php file, there is also a useful WordPress plugin you can use called WP Config File Editor. Please be careful when you use this plugin especially when you edit in raw mode that you don’t break anything in the file. I also recommend that you deactivate and delete the plugin when you are done so that it doesn’t stay there in your WordPress dashboard, it could pose a security risk.

3. Using the upload_mimes WordPress filter hook

With this option, you’ll write your own code to hook to the upload_mimes filter of WordPress and add your mime type accordingly.

First, you’ll need to check what the extension of your file is eg. csv and then you need to check what the mime type of that file extension is specifically. Here is a complete MIME Types Listwhich is useful or you can Google it accordingly. For csv for example, it is text/csv

The code you’re going to write can be placed in various places but best is to just add it to the functions.php file of your WordPress theme. So go ahead and open the functions.php file of your WordPress theme and at the very top, add this following code:

// Add this to the functions.php file of your WordPress theme

// It filters the mime types using the upload_mimes filter hook

// Add as many keys/values to the $mimes Array as needed

function my_custom_upload_mimes($mimes = array()) {

// Add a key and value for the CSV file type

$mimes['csv'] = "text/csv";

return $mimes;

}

add_action('upload_mimes', 'my_custom_upload_mimes');

In the code, change the value csv to the extension of your file and the value inside the quotes to the mime type of that extension accordingly.

4. Multi-Site Upload Files Setting

Only use this option if you are running a WordPress multi-site network installation.

Go to Network Admin Area > Settings > Upload Settings in your WordPress multi-site network panel. There is a setting called “Upload File Types” where you can add more file extensions which should be allowed on all blogs/sites on the multi-site network.

5. Ask your Hosting Provider

If you are still stuck and cannot resolve the problem, contact your hosting provider and ask them to assist you.

We provide very good WordPress hosting if you need good host with reliable, secure servers and great support.