WordPress Allow All File Types


This tutorial will show you how you can set your WordPress to override the restriction and allow all file types to be uploaded using the media library.

WordPress File Type Restrictions

WordPress by default restricts the file types you can upload using the Media Library Manager. For most of the users this security feature is very good, not allowing publishers to put their server at risk.

This are the default allowed file types you can upload:

Images

  • .jpg
  • .jpeg
  • .png
  • .gif

Documents

  • .pdf (Portable Document Format; Adobe Acrobat)
  • .doc, .docx (Microsoft Word Document)
  • .ppt, .pptx, .pps, .ppsx (Microsoft PowerPoint Presentation)
  • .odt (OpenDocument Text Document)
  • .xls, .xlsx (Microsoft Excel Document)

Audio

  • .mp3
  • .m4a
  • .ogg
  • .wav

Video

  • .mp4, .m4v (MPEG-4)
  • .mov (QuickTime)
  • .wmv (Windows Media Video)
  • .avi
  • .mpg
  • .ogv (Ogg)
  • .3gp (3GPP)
  • .3g2 (3GPP2)

If you try to upload any other file type you will get security warning Sorry, this file type is not permitted for security reasons.

WordPress FileTypes Security

Allow All File Types

There are two ways to override this. The easy way is adding the following line into your wp-config.php

define('ALLOW_UNFILTERED_UPLOADS', true);

Allow Specific File Types

The other way is to add custom WordPress hook in your themes functions.php file

add_filter('upload_mimes', 'custom_upload_mimes');
function custom_upload_mimes ( $existing_mimes=array() ) {
 // add your extension to the array
 $existing_mimes['deb'] = 'application/x-deb';
 // add as many as you like
 // removing existing file types
 unset( $existing_mimes['exe'] );
 // add as many as you like
 // and return the new full result
 return $existing_mimes;
}

The second method is better because you can restrict only the file types you want, but if you have site where your publishers upload may types of document you can disable the restriction from wp-config.php

You can choose which method you like they both work.

WordPress Uploading Files: http://codex.wordpress.org/Uploading_Files



5
Leave a Reply

avatar
3 Comment threads
2 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
3 Comment authors
MenstojanoskiAlessandro Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
Alessandro
Guest
Alessandro

Hi Nikola, I’m trying to add custom WordPress hook in my theme functions.php file (second method) to import a .webarchive file to my blog, no success till now cause still says “…not permitted for security reasons”…I’m working on a MacBook, I ‘paste & copy’ your script at the top of the file, add extension ‘webarchive’ to the array but got something wrong…any suggestions? ; ) Thanx!
Alex

nstojanoski
Guest
nstojanoski

Can you please paste the $existing_mimes line? And what do you have in .webarchive file? php code? txt code? xml code?

Regards,
Nikola

Alessandro
Guest
Alessandro

I think I fixed it…seems to work fine!

add_filter(‘upload_mimes’, ‘custom_upload_mimes’);
function custom_upload_mimes ( $existing_mimes=array() ) {
// add your extension to the array
$existing_mimes[‘webarchive’] = ‘webarchive’;
// add as many as you like
// removing existing file types
unset( $existing_mimes[‘exe’] );
// add as many as you like
// and return the new full result
return $existing_mimes;
}

simply like that ;)
Thank you Nikola!

Me
Guest
Me

NOT working.

Me
Guest
Me

Adding the “false &&” here DOES work:

if ( false && ( ! $type || !$ext ) && ! current_user_can( ‘unfiltered_upload’ ) ) {

return call_user_func( $upload_error_handler, $file, __( ‘Sorry, this file type is not permitted for security reasons.’ ) );

}