“Sorry, this file type is not permitted for security reasons”.

Uploading files outside of WordPress default allowed files will give you the error message “Sorry, this file type is not permitted for security reasons.”. This is a security feature done by WordPress to avoid vulnerabilities from being uploaded.

There is a quick fix: Adding the line below to your wp-config.php file will allow files outside of WordPress defaults to be uploaded. In a standard WordPress installation, your wp-config.php file will be located in this path ~/public/wp-config.php. The wp-config.php file can be edited after logging into your site using either SFTP or SSH. Note that this may break functionality on your site depending on what you are adding. As a security measure, you should also remove the define() rule after you have uploaded your files in WordPress.

define( 'ALLOW_UNFILTERED_UPLOADS', true );

An example of this being added in the wp-config.php file. The define rule is added after the $table_prefix and before /* That's all, stop editing! Happy publishing. */:

Stian Nilsen

Latest

Technical Resources

“Sorry, this file type is not permitted for security reasons”.

Latest

Git Deploy Scripts

How to Set up HSTS Headers on Accelerated Domains

How to set up Logrotate

What is Cross-Origin Resource Sharing (CORS)?

How to Lower Your Dynamic Requests Usage

How to Replace all Plugins After a Hack

What is a Cookie, and how can it Break Cache?

What are PHP Directives and how can I use them?

Why Does Support need to ask me for Site Access?