Do you want to let additional file types to be uploaded to your forms? Allowing more file formats to be uploaded to your site can provide more convenience for you and your users.

In this tutorial, we'll show y'all how to add different file extensions, without compromising the security of your site.

  • File Types Allowed Past Default
  • Adding Boosted File Upload Types
    • Using Preset File Types
    • Calculation Custom File Types
    • Allowing Multiple MIME Types
  • Tips for Securing WordPress File Uploads
  • Oft Asked Questions

Annotation: Are you looking for instructions on creating a file upload grade? Then be sure to check out our guide to the File Upload field for all the details.

File Types Allowed Past Default

For security reasons, WordPress merely allows certain types of files. The default file formats include:

  • Images like .png, .gif, .jpg
  • Documents such as .doc, .xls, .ppt, .pdf
  • Audio like .wav, .mp3, .mp4
  • Video like .mpg, .mov, .wmv

Please note that some of the file types below do have the potential to be misused. That's why WordPress doesn't enable them by default.

  • Images such as .svg, .bmp
  • Documentssimilar .psd, .ai, .pages
  • Lawmaking files such as .css, .js, .json
  • Video similar .flv, .f4l, .qt

Adding Additional File Upload Types

To configure your site to accept additional file formats, you'll need to install File Upload Types, a costless WordPress plugin by WPForms.

Notation: For details on how to add together a plugin to your site, be certain to check out WPBeginner's guide on installing plugins.

Using Preset File Types

Once yous've installed the File Upload Types plugin, in your WordPress admin surface area get to Settings » File Upload Types.

File upload types page

On this page, yous can add preset file types past checking the box side by side to the file type.

Enable extension checkbox

Once you've selected the file types you'd similar to add, click the Save Settings button to relieve your changes.

Click save settings button preset file

Adding Custom File Types

If you'd like to include a file format that is non found in the preset list, you can add your own.

To exercise this, scroll downward to the Add CUSTOM FILE TYPES department. Then, yous'll demand to specify a file format. This is washed through 3 fields:

  • File Description: The name of the file type. This will but exist visible in your File Upload Types settings, and then you can add any details that make sense to you.
  • MIME Type: The category and data type represented by the new file type.
  • Extension: The extension blazon that will be associated with this file (e.1000., .jpg, .docx, etc.).

Note: MIME is a form of file identification on the web. For more details on MIME, you can check out Mozilla'due south documentation for a complete list of mutual MIME types. To make up one's mind what MIME type a file is, you lot tin can apply an online file checker.

Add custom file types section

As an example, here are the fields with the information for a YAML file type:

YAML file extension

Y'all can as well add multiple custom file types past clicking on the plus (+) icon. If you'd like to remove a file type, click the trash can icon.

Plus and trash icons

In one case you lot've filled in all these details, click on the Save Settings button to apply the settings to your site.

Click save settings button

Allowing Multiple MIME Types

If you're adding a file type that has several aliases or possible MIME types, you can also add these into the MIME Types field. This is especially helpful to ensure the proper uploading of files that may accept the aforementioned extension, but different MIME types.

Note: If you're not sure if your file blazon has aliases, you tin can check out this reference guide for a partial list.

In social club to use this feature, you'll need to click the Enable multiple MIME blazon support choice within the plugin.

Enable multiple MIME type support

Note: If you don't encounter this imprint in your plugin, this ways this pick is already enabled on your site.

Once y'all've enabled this characteristic, you tin then add aliases to the MIME Type field, separating each type past a comma.

For case, we'll add the application/photoshop, application/psd, and image/photoshop aliases for a Photoshop file:

Photoshop file example

Once those settings are added, make certain to click the Save Settings push to employ the settings to your site.

Click save settings photoshop file example

Tips for Securing WordPress File Uploads

It may be user-friendly to allow users to upload all sorts of file formats, yet, this can lead to security bug. You can keep your site more than secure while allowing for specific upload types by post-obit these tips:

  • Requiring users to be registered and logged in to submit your form.
  • Limiting file upload types to only those that you really need.
  • Limiting the file upload size.

Oftentimes Asked Questions

I added my additional file type, but I'yard still seeing the post-obit error:

File type not allowed

In this instance, you'll want to be sure that the file you're trying to upload has a MIME blazon that matches the one yous've added to your site. You can rapidly and easily check your file'due south MIME blazon to be sure its blazon matches.

If your MIME type matches and all the same won't upload, it's important to know that WPForms does blacklist certain file types. Some file types will exist blocked from beingness uploaded, even if they've been added using the File Upload Types plugin. The consummate listing of file types are:

ade adp app asp
bas bat cer cgi
chm com cpl crt
csh csr dll drv
exe fxp flv hlp
hta htaccess htm html
htpasswd inf ins isp
jar js jse jsp
ksh lnk mdb mde
mdt mdw msc msi
msp mst ops pcd
php pif pl prg
ps1 ps2 py rb
scr sct sh shb
shs swf tmp torrent
url vb vbe vbs
vbscript wsc wsf wsh
dfxp onetmp

That'southward it! You can now permit users to upload additional file types using your file upload class.

Do yous want more than tips for securing your site? And then be sure to check out our complete guide to WPForms security for all the details.