How to Upload Additional File Types in WordPress

Published in WordPress.

Being able to manage all the files we upload in WordPress in one place (the media library) is something very useful. Some say the media library could be improved—some requested features are still missing, like file tagging, sorting by topic or by file extension, or searching for duplicates—, but its usefulness is clear when reusing or sharing files between our contents without having to upload them more than once.

Maybe you didn’t know that, but WordPress only allows file uploading into the media library if such files meet certain conditions. Specifically, you can only upload the following file types by default in a standard WordPress installation:

  • Images
    • .jpg
    • .jpeg
    • .png
    • .gif
    • .ico
  • Documents
    • .pdf (Portable Document Format; Adobe Acrobat)
    • .doc, .docx (Microsoft Word Document)
    • .ppt, .pptx, .pps, .ppsx (Microsoft PowerPoint Presentation)
    • .odt (OpenDocument Text Document)
    • .xls, .xlsx (Microsoft Excel Document)
    • .psd (Adobe Photoshop Document)
  • Audio
    • .mp3
    • .m4a
    • .ogg
    • .wav
  • Video
    • .mp4, .m4v (MPEG-4)
    • .mov (QuickTime)
    • .wmv (Windows Media Video)
    • .avi
    • .mpg
    • .ogv (Ogg)
    • .3gp (3GPP)
    • .3g2 (3GPP2)

However, it’s not always possible to upload all these file types—some hosting providers limit the set of valid file types and even the maximum file size you can upload in your installation. If you have problems uploading some permitted file types, contact your provider first to get an explanation.

When trying to upload a .SVG image in WordPress you get an error.
When trying to upload a .SVG image in WordPress you get an error.

Recently we received a comment asking us how to expand the list by adding more file types. As surely there are more people interested in learning how to do this, in this post I explain the solution.

Modiying wp-config.php

If you do not want to limit the file types and thus upload any file into the media library, the easiest way to follow is to add the following line in the wp-config.php file:

define( 'ALLOW_UNFILTERED_UPLOADS', true );

The wp-config.php file allows us to modify the default behavior of WordPress. You’ll find it in the root of your server. Using the above statement we are allowing all administrators to upload any file type. Note that this can be dangerous if you do not trust too much your administrators and what they can do. Be careful when adding this statement or you might end up regretting your decision 🙃

Using the upload_mimes filter

If you want to solve the problem of uploading additional file types to WordPress, but being selective and only allowing a controlled subset of file types, the best you can do is use the upload_mimes filter. As always, you have all the information in the Codex.

This filter is super easy to use. You only need to add a piece of code similar to the following in the functions.php file of your theme or inside a new plugin of your own:

You can ignore the first line (<?php), which simply opens a block of PHP code. Line 2 indicates that the function my_mime_types will be executed with the upload_mimes filter. Lines 3 to 10 define this function. my_mime_types has one single parameter ($mime_types)—the list of allowed file types.

If you want to allow SVG and JSON files in the media library, just add lines 4 and 5, respectively. This is how it works: to add a new file type, you just have to create a new entry in the $mime_types list with the file extension and mime type. To find the proper mime type of an extension go to the official list of media types that the IANA (Internet Assigned Numbers Authority) defines.

On the other hand, you can also disable certain file types. You can prohibit the file types you want by simply unsetting their entries in the $mime_types array, as I did in lines 7 and 8, where I disabled Microsoft Excel file uploading.

Summary

As you can see here, modifying the default behavior of WordPress to have greater control over the file types you allow in your installation is very simple. And best of all, you don’t need to install a complex plugin for this. With just a few lines of PHP code or even editing the wp-config.php file you’ll get what you want.

Now it’s your turn. Explain us which file types you miss in WordPress and your experience using the solutions I have proposed in this article.

Featured image by Andrew Pons.

PoorNot badGoodGreatExcellent (13 votes, average: 3.46 out of 5)
Loading...

25 thoughts on “How to Upload Additional File Types in WordPress

  1. Hi Antonio

    I’ve tried both options, and I’m using Caldera forms for a getting quotes. However, with either option I still can’t add custom file types such as Photoshop (.psd), this is essential for the website, is there anything else I can try? Many thanks in advance for your help 🙂

    1. You should contact Caldera forms developers. Probably that plugin does not allow uploading Photoshop files and our solution does not work with it.

  2. What about file types other than those on the iana list, how does one enable their upload?

    Mike

  3. Sure! I’ve made custom maps for civ5 and my friends want me to post them. So I’m trying to upload xyz.civ5map files and get the “Sorry, this file type is not permitted for security reasons” message at the upload media page. Adding
    define( ‘ALLOW_UNFILTERED_UPLOADS’, true );
    to wp-config.php did not solve the problem.

    Mike

    1. I see. Did you try to investigate which is the media type of the file? On UNIX systems you can execute file --mime-type xyz.civ5map. Maybe that would tell you the media type of the file and then the process would work…

      1. Antonio,

        That worked like a charm.

        Thanks,

        Mike

  4. Hello Antonio,
    I would like to post *.set files on my website
    but after adding the above statement in the config file it still doesn’t work.
    What else should I change?

  5. i believe that adding the config define( ‘ALLOW_UNFILTERED_UPLOADS’, true ); is a bad practice.

    It is much better to do it on demand and only allow certain file types.

  6. Doesn’t work for me, I get this message:

    Common.json
    Sorry, this file type is not permitted for security reasons.

    WP Version 4.9.8

    1. Maybe your hosting is blocking the file types. Try to contact them. Surely they’ll be able to help you.

  7. Hi Antonio.

    Thanks for your article, i think it’s great 🙂 If we’re talking about programming i’am a at a very beginner stage. I need the classified theme for wordpress that would allow user to post ads with attachment other than standard (but save – for example .stl or .obj).

    I’ve been trying to find the right place in the function.php of my theme to add your script. Do you think that modifying that line with “post_mime_type’ => ‘image’,” to script presented in your article would give some effect?

    /*==========================
    Prints the attached image with a link to the next attached image.
    @return void
    @since v 1.0
    ===========================*/
    if ( ! function_exists( ‘theme_the_attached_image’ ) ) :
    function theme_the_attached_image() {
    $post = get_post();
    $attachment_size = apply_filters( ‘theme_attachment_size’, array( 724, 724 ) );
    $next_attachment_url = wp_get_attachment_url();

    /**
    * Grab the IDs of all the image attachments in a gallery so we can get the URL
    * of the next adjacent image in a gallery, or the first image (if we’re
    * looking at the last image in a gallery), or, in a gallery of one, just the
    * link to that image file.
    */
    $attachment_ids = get_posts( array(
    ‘post_parent’ => $post->post_parent,
    ‘fields’ => ‘ids’,
    ‘numberposts’ => -1,
    ‘post_status’ => ‘inherit’,
    ‘post_type’ => ‘attachment’,
    ‘post_mime_type’ => ‘image’,
    ‘order’ => ‘ASC’,
    ‘orderby’ => ‘menu_order ID’
    ) );

    // If there is more than 1 attachment in a gallery…
    if ( count( $attachment_ids ) > 1 ) {
    foreach ( $attachment_ids as $attachment_id ) {
    if ( $attachment_id == $post->ID ) {
    $next_id = current( $attachment_ids );
    break;
    }
    }

    // get the URL of the next image attachment…
    if ( $next_id )
    $next_attachment_url = get_attachment_link( $next_id );

    // or get the URL of the first image attachment.
    else
    $next_attachment_url = get_attachment_link( array_shift( $attachment_ids ) );
    }

    printf( ‘%3$s‘,
    esc_url( $next_attachment_url ),
    the_title_attribute( array( ‘echo’ => false ) ),
    wp_get_attachment_image( $post->ID, $attachment_size )
    );
    }
    endif;

  8. Hi Antonio.

    It’s a great article. i would like to try to use it to solve my trouble but i’m not sure if i’m doing it right. I would like to set up some classified site on wordpress theme with possibility of adding listing with custom attachments like .stl or .obj. But all wordpress classified themes are not allowing those attachments (only images).

    I’m trying to modify function.php of my theme and add there your function my_myme_types, do you thing i should paste it between this function below or as a seperate function?:

    /*==========================
    Insert attachments front end
    ===========================*/
    function theme_insert_attachment($file_handler,$post_id,$setthumb=’false’) {

    // check to make sure its a successful upload
    if ($_FILES[$file_handler][‘error’] !== UPLOAD_ERR_OK) __return_false();

    require_once(ABSPATH . “wp-admin” . ‘/includes/image.php’);
    require_once(ABSPATH . “wp-admin” . ‘/includes/file.php’);
    require_once(ABSPATH . “wp-admin” . ‘/includes/media.php’);

    $attach_id = media_handle_upload( $file_handler, $post_id );

    return $attach_id;
    }

    1. Hi Szymon. Let’s start with the basics. You shouldn’t modify the code of your theme directly because any update of your theme will override the changes. You should try to work with a child theme instead. On the other side, the code of the function my_myme_types only allows you to be able to upload in the WordPress media library files with extensions (or mime-types) different from the common ones. You can use it for that purpose only. If what you want to do implies modifications of a WordPress theme (or the functionality behind it), you should contact to the theme author directly and ask him/her for help. That being said, I’m not able to fully understand what is the scenario you want to achieve nor how the theme works when allowing the loading of that .stl or .obj files. Unfortunately I’m not very helpful here.

  9. Ola Antonio,

    I ran into the problem that customers suddenly were’nt able anymore to upload a file when ordering in the webshop as they did for years. I’ve checked everything there is to check for but no result. Now I hope the solution is applying the mime filter. But, does that mean that all the other allowed mime types by wordpress are rejected?

    Hope to hear from you soon.

    1. Hi! You should check what has changed in your site. If everything worked fine before, maybe a plugin has been updated or even WordPress itself and now it caused the problem. Note that recently WordPress released the 5.0 version with lots of changes (including a new block editor). Things don’t go wrong without a reason. Something may have caused your issue. Anyway, about your question, if you add additional mime types through code, that won’t affect the current files supported by WordPress. You’re just adding more supported files.

  10. HI
    im uploading csv files. 2 MB goes fine, but for bigger files I got error “Sorry, This File Type Is Not Permitted For Security Reasons” PHP allows bigger files on another WP site. How to fix such problem?
    Thanks
    Greg

    1. Hi Grzegorz. If the problem is the file size, try to increase the allowed size in your WordPress installation. Your hosting provider may help you here. Just take a look at the instructions provided here as an example of what you can do.

  11. Awesome, I personally prefer the mimes approach. Adding define( ‘ALLOW_UNFILTERED_UPLOADS’, true ); can be extremely dangerous in environments with lots of users.

Leave a Reply

Your email address will not be published. Required fields are marked: •

I have read and agree to the Nelio Software Privacy Policy

Your personal data will be located on SiteGround and will be treated by Nelio Software with the sole purpose of publishing this comment here. The legitimation is carried out through your express consent. Contact us to access, rectify, limit, or delete your data.