Uploading files outside of WordPress default allowed files will give you the error message “Sorry, this file type is not permitted for security reasons.”. This is a security feature done by WordPress to avoid vulnerabilities from being uploaded.
There is a quick fix: Adding the line below to your wp-config.php file will allow files outside of WordPress defaults to be uploaded. In a standard WordPress installation, your wp-config.php file will be located in this path ~/public/wp-config.php. The wp-config.php file can be edited after logging into your site using either SFTP or SSH. Note that this may break functionality on your site depending what you are adding. As a security measure, you should also remove the define rule after you have uploaded your files in WordPress.
define( 'ALLOW_UNFILTERED_UPLOADS', true );
An example of this being added in the wp-config.php$table_prefix and before /* That's all, stop editing! Happy publishing. */:
