WordPress Allow All File Types

Posted on By Nikola Stojanoski

This tutorial will show you how you can set your WordPress to override the restriction and allow all file types to be uploaded using the media library.

WordPress File Type Restrictions

WordPress by default restricts the file types you can upload using the Media Library Manager. For most of the users this security feature is very good, not allowing publishers to put their server at risk.

This are the default allowed file types you can upload:

Images

  • .jpg
  • .jpeg
  • .png
  • .gif

Documents

  • .pdf (Portable Document Format; Adobe Acrobat)
  • .doc, .docx (Microsoft Word Document)
  • .ppt, .pptx, .pps, .ppsx (Microsoft PowerPoint Presentation)
  • .odt (OpenDocument Text Document)
  • .xls, .xlsx (Microsoft Excel Document)

Audio

  • .mp3
  • .m4a
  • .ogg
  • .wav

Video

  • .mp4, .m4v (MPEG-4)
  • .mov (QuickTime)
  • .wmv (Windows Media Video)
  • .avi
  • .mpg
  • .ogv (Ogg)
  • .3gp (3GPP)
  • .3g2 (3GPP2)

If you try to upload any other file type you will get security warning Sorry, this file type is not permitted for security reasons.

WordPress FileTypes Security

Allow All File Types

There are two ways to override this. The easy way is adding the following line into your wp-config.php

define('ALLOW_UNFILTERED_UPLOADS', true);

Allow Specific File Types

The other way is to add custom WordPress hook in your themes functions.php file

add_filter('upload_mimes', 'custom_upload_mimes');
function custom_upload_mimes ( $existing_mimes=array() ) {
 // add your extension to the array
 $existing_mimes['deb'] = 'application/x-deb';
 // add as many as you like
 // removing existing file types
 unset( $existing_mimes['exe'] );
 // add as many as you like
 // and return the new full result
 return $existing_mimes;
}

The second method is better because you can restrict only the file types you want, but if you have site where your publishers upload may types of document you can disable the restriction from wp-config.php

You can choose which method you like they both work.

WordPress Uploading Files: http://codex.wordpress.org/Uploading_Files

Related articles

Disable WordPress Automatic Update

WordPress

Remove Query String from WordPress CSS and JS files

WordPress

Regenerate Thumbnails and Image Sizes in WordPress

WordPress
Subscribe
Notify of
guest
5 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Alessandro
Alessandro
9 years ago

Hi Nikola, I’m trying to add custom WordPress hook in my theme functions.php file (second method) to import a .webarchive file to my blog, no success till now cause still says “…not permitted for security reasons”…I’m working on a MacBook, I ‘paste & copy’ your script at the top of the file, add extension ‘webarchive’ to the array but got something wrong…any suggestions? ; ) Thanx!
Alex

0
Reply
nstojanoski
nstojanoski
9 years ago
Reply to  Alessandro

Can you please paste the $existing_mimes line? And what do you have in .webarchive file? php code? txt code? xml code?

Regards,
Nikola

0
Reply
Alessandro
Alessandro
9 years ago
Reply to  nstojanoski

I think I fixed it…seems to work fine!

add_filter(‘upload_mimes’, ‘custom_upload_mimes’);
function custom_upload_mimes ( $existing_mimes=array() ) {
// add your extension to the array
$existing_mimes[‘webarchive’] = ‘webarchive’;
// add as many as you like
// removing existing file types
unset( $existing_mimes[‘exe’] );
// add as many as you like
// and return the new full result
return $existing_mimes;
}

simply like that ;)
Thank you Nikola!

0
Reply
Me
Me
9 years ago

NOT working.

0
Reply
Me
Me
9 years ago

Adding the “false &&” here DOES work:

if ( false && ( ! $type || !$ext ) && ! current_user_can( ‘unfiltered_upload’ ) ) {

return call_user_func( $upload_error_handler, $file, __( ‘Sorry, this file type is not permitted for security reasons.’ ) );

}

0
Reply

Advertisement