How to get past the “Sorry, this file type is not permitted for security reasons” notification

This notification usually shows up when you upload a certain file format that WordPress has prohibited. WordPress tries to prevent any security issues that might show up due to file uploading vulnerabilities. These vulnerabilities might mean that some might execute malicious code that damages your website or gives others access to it.

To upload the files you need on your website, like fonts files that have the .woff2 format or SVG images, you need to circumvent this limitation.

There are two ways to get past this notification and be able to upload the files you need:

Method #1 – Upload files via FTP or a file manager plugin

The process is the same for FPT and a File Manager plugin. The only difference is that the File Manager plugin gives you access to your website’s files directly in your WordPress dashboard.

If you follow the instructions, everything should work as intended. Nonetheless, be careful what files and folders you are editing. Deleting or editing the wrong file can damage your website. If you want to be 100% safe, make sure you back-up your website first.

The first step is to log in to your website via FTP—if you don’t know how to do it, read this article. If you prefer the File Manager plugin, just navigate to the WP File Manager tab (screenshot).

Once you’re inside the files of your website, go to the Public tab → wp-contentuploads → and go to the latest date (the numbers within the folder for each year represent each month). When you get to the most recent place you uploaded a file (image, video, etc.), just drag and drop the file that you could not previously upload.

How to upload files using the WP File Manager plugin

Note: if you use the Fonto plugin to upload custom fonts, you should upload the .woff2 files in the URL path where you uploaded the previous fonts. In the example below, the fonts are in wp-contentuploadsfonts1867 folder.

Method #2 – Temporarily enable the ability to upload other file types

This method allows you to upload the files you need straight via the Media tab from WordPress. To do so, follow the steps below:

  1. Go to PluginsAdd new → Search for “WP Add Mime Types” and click on Install. Once it installs, click on Activate.
  2. Navigate to SettingsMime Type Settings and scroll to the list of allowed mime types until you find the one you need (e.g., woff2 = font/woff2 for the .woff2 font format or svg = image/svg+xml for .svg format)
  3. In the Add Values field, copy and paste the values from the list of allowed mime types.
  4. Navigate to Media and drag and drop the files you need.
How to enable new mime types in WordPress

Once you are done uploading, if you want to re-enable WordPress’s security checks for certain file types, you need to deactivate the WP Add Mime Types plugin.

Updated on November 10, 2020

Can't find what you’re looking for? Ask a human.

We're a small team of real people providing real help. Send us an email at [email protected] and we will give you a helping hand.