How To Properly Allow Unfiltered Uploads WordPress

Sometimes, your WordPress file upload process encounters an obstacle in the form of file types. It appears on your screen as the “Sorry, This File Type Is Not Permitted for Security Reasons” error message. However, you can feel relieved because this error isn’t fatal at all.

This article will help you fix the error by allowing unfiltered upload in WordPress and introducing several assisting plugins.

What Are Unfiltered Uploads in WordPress?

WordPress unfiltered_upload and unfiltered_html are not much different from each other. If users receive this permission, they are able to upload files outside of the WordPress whitelist. Those acceptable files types that you can upload to the media library by default are:

Images: jpeg, ico, jpg, png, gif

Documents: pdf, doc, docx, ppt, pptx, pps, ppsx, odt, xls, xlsx, psd

Audio: mp3, m4a, ogg, wav

Videos: mp4, m4v, mov, wmv, avi, mpg, ogv, 3gp, 3g2

As a result, unauthorized users cannot upload any file type which is not from the list above. They will see the message as mentioned above: “Sorry, this file type is not permitted for security reasons.”

After knowing its origin, it’s high time you knew how to fix it properly.

How To Allow Unfiltered Uploads in WordPress

#1 Check the File Type

There are cases when your files’ types match the list of permitted types and you still get the error message. Chances are that the name extension was either misspelled or changed. Therefore, ensure the file name extension is correct first.

If you’re a Windows user, go to your file’s original location on Windows Explorer. Choose the View tab and fill in the File name extensions check box. Then you are able to edit the extension of your files.


Similarly on MacOS, first you navigate to Finder > Preferences > Advanced then turn on Show all filename extensions.


Once the file type gains permission, re-upload it with the correct extension and you can make the error message disappear. If the message still exists, other methods are recommended.

#2 Edit wp-config.php File

Wp-config.php file modification allows you to freely upload all types of files to the Media Library. However, its main drawback is making your WordPress site less secure.

Firstly, we recommend you to backup your site before uploading because you are meddling with a system file.

  1. Navigate to your WordPress installation directory. You can either use an FTP client or File Manager.
  2. Go to public_html > wp-config.php.


3. Copy and paste this code above the line “That’s all, stop editing! Happy publishing”.


4. Save the editing.

#3 Modify functions.php File

Apart from the method above, you should also try to add the upload_mimes filter to your theme’s functions.php file. Nonetheless, this way only allows individual file types at a time rather than all of them at one time. Still, you should back up your WordPress before following our steps below:

  1. Navigate to your WordPress installation directory using File Manager or an FTP client.
  2. Go to wp-content > themes, access the functions.php file in your theme’s folder.
  3. Copy and paste this shortcode in the file then save the changes.
function my_custom_mime_types( $mimes ) {
// Add new MIME types here
$mimes[‘gpx’] = ‘text/gpsxml’;
return $mimes;

#4 Contact Host Providers

WordPress is not the only obstacle preventing you from uploading specific files. It could be that your host provider set the limit on the file types to upload stricter than WordPress. If the steps above did not work, contacting the host provider and explaining your issue should be your last resort.

#5 Use Plugins

WordPress always provides the right plugins you need. There are tons of plugins on the market that can assist you in uploading prohibited file types. The media library disables certain types of Multipurpose Internet Mail Extensions (MIME) and those plugins help you enable them.

In the next section, we will present to you some plugins to help you allow unfiltered uploads in WordPress.

Which Plugins Can Help You Allow WordPress Unfiltered Uploads?

#1 WP Extra File Types


Once you activate WP Extra File Types, you will see the type options in the main menu settings. Click on extra file types to see a list of common file types to check in and continue uploading.

Then the plugin will take care of the security. You won’t see the “sorry this file type is not permitted for security reasons” error message anymore. Thus, the system will allow your uploading process to proceed.

#2 Enhanced Media Library


Enhanced Media Library is one of those easy and simple plugins on the market. It helps you with MIME type setting, image size adjustment, and image taxonomy management in your media library.

Go to the plugin settings and tick Allow Upload next to the desired MIME types to add one. Add a custom MIME type if the one you want to enable is not in the list.

Enhanced Media Library also has a premium version that costs $25 lifetime with WordPress multisite support. With this version, you will experience features such as infinite media categories and tags and upgraded media library search filters.

#3 File Upload Types


File Upload Types enables file types that are not in WordPress’s acceptable type list. Since it lacks features, this plugin is specialized for MIME type allowance management only.

After finishing activation, you can allow a file type by navigating to the plugin’s settings. Then there is a checkbox next to a file type table for you to tick in. If you can’t locate your target file type, add a custom file type in the available fields.

Bonus Tips: Protect Any Uploads in WordPress

After uploading your files successfully, your next concern should be the security. No worries, we already have a plugin that is just right for you – Prevent Direct Access Gold.

In short, Prevent Direct Access Gold (PDA Gold) hides your files from Google so no one can find and steal them. In addition, this plugin leads unauthorized users to a 404 not found page when they try to exploit your media files.

PDA Gold also smoothen your site’s performance and save bandwidth by preventing hotlinking your content.

What Else Is Stopping You?

As stated, this annoying error is neither fatal nor hard to solve. Now with our thorough guide along with the list of plugins, what else can stop you from allowing unfiltered uploads? However, there are 2 things that you should keep in mind: always backing up your site and choosing the plugin carefully.

Do you find this article helpful? Is there any frequent issue that needs solutions? Please tell us in the comment section below.