In WordPress, you get the “Sorry, This File Type Is Not Permitted for Security Reasons” error when you try to upload certain files to the Media library. Similarly, in WooCommerce you may get the same error when you try to upload a downloadable product download files.
Why is that? Well, by default WordPress only allows certain file extensions to be uploaded to the site. For example PNG, JPG, PDF, PPT, DOC, MP3 and MP4 are within the allowed file types – the reason being they are “safe” and won’t contain malicious code that could create problems within a WordPress install.
The thing is – I’ve started selling my first downloadable product (a mini-plugin) here on Business Bloomer and I needed to upload a ZIP file (the mini-plugin), a JSON file (a Code Snippet export file for those who don’t like plugins) and a TXT file (the plugin’s raw code for those who like to play with PHP). All went smoothly for the ZIP upload, but as soon as I tried uploading the JSON and TXT files I got the “Sorry, This File Type Is Not Permitted for Security Reasons” error.
Panic? Not really. It’s only a matter of finding the right code to change this default WordPress behavior. So, say hello to the “upload_mimes” filter, which allows us to do just that. Enjoy!
PHP Snippet: Allow Any File Extension Upload @ WooCommerce Downloadable Product / WordPress Media Library
In the snippet below I’m allowing both JSON and TXT file uploads to WordPress. The first snippet tells WordPress to allow them, the second part is another requirement for certain file extensions as WordPress runs a validation upon Media upload and we need to make sure JSON and TXT are covered.
/**
* @snippet Fix "Sorry File Type Not Permitted" @ WooCommerce Downloadable Product + WordPress Media Library
* @how-to Get CustomizeWoo.com FREE
* @author Rodolfo Melogli
* @compatible WooCommerce 5
* @community https://businessbloomer.com/club/
*/
add_filter( 'upload_mimes', 'bbloomer_custom_mime_types' );
function bbloomer_custom_mime_types( $mimes ) {
if ( current_user_can( 'manage_woocommerce' ) ) {
$mimes['txt'] = 'text/plain';
$mimes['json'] = 'text/plain';
}
return $mimes;
}
add_filter( 'wp_check_filetype_and_ext', 'bbloomer_correct_filetypes', 10, 5 );
function bbloomer_correct_filetypes( $data, $file, $filename, $mimes, $real_mime ) {
if ( ! empty( $data['ext'] ) && ! empty( $data['type'] ) ) {
return $data;
}
$wp_file_type = wp_check_filetype( $filename, $mimes );
if ( 'json' === $wp_file_type['ext'] ) {
$data['ext'] = 'json';
$data['type'] = 'text/plain';
} elseif ( 'txt' === $wp_file_type['ext'] ) {
$data['ext'] = 'txt';
$data['type'] = 'text/plain';
}
return $data;
}
Great help! Somehow I read over a few tingies I gues. Finally get everything working the way you intended when writing the code! Thanks! But now I stumble across a new problem selling downloadable maps on our site. Everything works great when adding to cart and paying but ….
Then the invoice and download link, keep persisting giving an error ‘Invalid download link. Return to shop’. Been trying to figure it out all day and yesterday evening, it sees to be an error that e few woocommerce users have but I can’t seem to find a real solution. Tried most but re-installing the entire site … De-activated all plug-ins with no luck. It seems Woocommerce doesn’y give out a valid downloadable link … also the purchase of the downloads does not show up in the Download list (even tough the invoices are there, with download links)
Do you have any idea??? Getting desperate …
Kind regards,
Benjamin
What is the file extension?
Hey, I have successfully changed the file type for the downloadable file, but since it’s been updated it’s not showing the option to download the file on email which sends after order processing. Any idea why that would be?
Thanks in advance.
Not 100% sure. Did you change file name since?
Hello,
Looking for tutorials on how to be able to sell dowloadable .KML & .KMZ files for our metal detecting club. I stumbled over your site and, using your lessons, I’ve came up with this:
But now I'm still not allowed to use the kml/kmz files. So big question for me is where the heck did I go wrong?
Kind regards and thanks for a great tutorial site!
Benjamin
Couple of things. Try using ‘application/vnd.google-earth.kml+xml’ only in the first part (source). Also, in the second snippet, both $data[‘type’] also need to match what you’ve entered in the first snippet! Let me know
Hello,
Feeling stupid as … ! why can’t I get this simple snippet to work. Been testing and trying but always the same result … a list of allowed file types but still excluding the wanted KML file ….
Am not sure what you meant only using the ‘application …’ in the source part?
Like I said, been testing and trying untill my site came upp with a critical error after installling Waymark (Wanted to see what made that work). Fortunately it works again but also removed the last version I tried, that also didn’t do the trick
It was this that made the error btw ….
At least I’ve got the posting here right this time ๐
What is your hourly rate so you can solve the selling of the KML files for my club? Maybe the easiest for the both of us … ๐
Hey Ben!
You’ve got a left over slash at the end here:
Try remove that
Good morning to you,
It caused the error but correcting it didn’t do the trick solving it. I still can’t pick a KML or KMZ file.
I’ve also tried to add the line
to my config file, so that I could try to download the KML file and picking it in the media library. The uppload worked when in my media library (off course) but still can’t choose the file in Woocommerce …
Made it work but …
I’ve added
to the functions.php file in the wp-includes map after finding this post.
“For KML/KMZ files to be properly supported, you’ll have to use text/xml and application/zip instead, because WordPress compares the declared MIME type to the ‘real’ detected MIME type (see function wp_check_filetype_and_ext in wp-includes/functions.php for more details)”
So i think it isn’t the proper way since it will be gone by the next update
Yes, that will be overwritten next time you update WordPress. That same function, however, has a filter:
That means you can edit the contents without overriding core files. Maybe the solution is there – let me know!
Where should i put that line? Should I put it together with the two previous lines in my child functions then?
Sorry for the delay Ben. Can you paste here the whole wp_check_filetype_and_ext() with the code you added, so I can give you back a snippet?
Thanks Ben. I’ve actually tried again your code as per https://www.businessbloomer.com/woocommerce-fix-sorry-file-type-not-permitted/#comment-484406 and I can definitely upload a KML file as a WooCommerce product download. No error whatsoever (once you remove that slash we were talking about).
If you can’t upload KML files when that snippet is active, there is something at server level that is blocking the upload. Please talk to your hosting and see what they say.
Also, try disabling ALL plugins but WooCommerce and try again, that would exclude plugin conflicts. Let me know