Disclaimer: Please be aware that allowing such files to be uploaded may cause security issues and so we don't recommend you go with this if you don't really need to use other extensions than WordPress allows.
Sometimes when you try to upload a file in WordPress, you encounter this message:
That message is not related to the active theme, it's coming from WordPress which forbids certain files to be uploaded, for security reasons. You can find a full list of permitted files here.
There are several ways in which you can upload forbidden extensions.
Using plugins:
You can use any of the following plugins on your site and configure it to allow to upload file types on your site:
Easy SVG Support (though this plugin is related to SVG, it should allow you to upload files that are not possible to upload due to security reasons)
Using the upload_mimes WordPress filter hooks:
If you chose this option, you need to to write a code to hook to the upload_mimes filter of WordPress and add the mime type accordingly.
First, check what extension the file has, for example *.csv and then you need to check the mime type of that file extension. You can find a complete MIME Types List here. Foe example, for CSV is text/csv .
After you have the mime type for the file, place this code in functions.php of the child theme:
function my_custom_upload_mimes($mimes = array()) {// Add a key and value for the CSV file type
$mimes['csv'] = "text/csv";
return $mimes;
}
add_action('upload_mimes', 'my_custom_upload_mimes');In the code, change the value csv to the extension of your file and the value inside the quotes to the mime type of that extension accordingly.
Another solution: If the above solutions don't help, then please add the below line of code to the end of the wp-config.php file from your WordPress installation:
define('ALLOW_UNFILTERED_UPLOADS', true);
If you want, you can use the below plugin to access FTP from the WordPress dashboard:
Disclaimer: After doing the above change and uploading the font, please make sure the code is removed from wp-config.php in order to prevent any possible security problems. (as leaving that code on your website will allow all kinds of file uploads by your WordPress users, possibly leading to security vulnerabilities).
Contacting the web host:
If any of the above solutions didn't work then it means that your web host doesn’t support various types of files to be uploaded on the server due to security reasons, so you can contact your web host to resolve it.
Looking for better hosting? We recommend Divi Hosting which is optimized and configured specifically for the Divi Theme and comes with Divi preinstalled. 😄