Page 1 of 1

WordPress – Upload banned File Types to Media Library

WordPress – Upload banned File Types to Media Library
   17

WordPress handles media files through it’s Media Library and in it’s default installation only certain file types, or better said: MIME-types, are allowed to be uploaded.

The current selection of allowed file types (ie.the file types that are not banned) can be rather limiting specially when you’re using bbPress as a forum wiht your WordPress setup. I’m not sure about the need for additional formats for all bbPress forums, but in the Tweaking4All forum I most certainly would like to be able to upload RAR, 7z, GZIP, XML and CSV files (amongst others).

Unfortunately WordPress does not offer a straight forward interface in the Admin Pages to modify the allowed Files Types.
In this article a short piece of code to allow you to add other file types or so called mime-types.




Standard Support File Types in WordPress

WordPress supports a standard set of file or MIME types (a.k.a. file types or Internet Media types) – I’m sure this list changes over time, so consider looking at the source of this information when looking for what files to add or not in the WordPress Accepted FileTypes page or the WordPress Codex on Uploading Files.

Currently, at the time that I’m writing this article, these formats are allowed:

Images: .gif, .jpg, .jpeg, .png

Documents.pdf, .doc, .docx, .ppt, .pptx, .pps, .ppsx, .odt, .xls, .xlsx, .zip

Audio: .mp3, .m4a, .ogg, .wav

Video: .mp4, .m4v, .mov, .wmv, .avi, .mpg, .ogv, .3gp, .3g2

Please keep in mind that files might be rejected based on other criteria, for example lack of disk space, because the file is larger than the maximum allowed file size or because your web-host does not allow particular files.

Note : If you’d like to allow larger files, you’ll need to edit the PHP configuration file (php.ini) and add or set the following lines in php.ini (the example allows files up to 32 Mb):


1
2
upload_max_filesize = 32M
post_max_size = 32M

Add Allowed File Types to WordPress

The approach in this article is straight forward: We will ADD file/MIME types to the existing list of allowed file types.

PAY ATTENTION TO SECURITY RISKS 

Before adding random file/MIME types: please think about possible security issues.

For example HTML (.htm, .html), JavaScript (.js) and PHP (.php) file are types you’d better avoid as they can be “executed” on your server where you really would not want that to happen. For most of these kind of files, this should not be a problem though as these files are better off being compressed into a ZIP file anyway.

Only add file types that you REALLY need and that you are comfortable with.

A full list, maintained by IANA, of MIME types can be found in the Media Types Overview.

The following code must be added to the functions.php file of your theme.

It will add the following file types:

Data files: CSV, XML,
Compressed files: 7z, RAR, TAR, TGZ, ZIP, GZ, GZIP
Application packages: APK, DEB, RPM
Disk images: IMG, ISO
Fonts: TTF, WOFF


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
add_filter('upload_mimes', 't4a_add_custom_upload_mimes');

function t4a_add_custom_upload_mimes($existing_mimes){
    return array_merge($existing_mimes, array(
        'csv' => 'application/octet-stream',
        'xml' => 'application/atom+xml',
        '7z' => 'application/x-7z-compressed',
        'rar' => 'package/rar',
        'tar' => 'package/x-tar',
        'tgz' => 'application/x-tar-gz',
        'apk' => 'application/vnd.android.package-archive',
        'zip' => 'package/zip',
        'img|iso' => 'package/img',
        'gz|gzip' => 'package/x-gzip',
        'deb|rpm' => 'package/x-app',
        'ttf|woff' => 'application/x-font') );
    return $existing_mimes;
}

In essence it takes the existing array of allowed file types ($existing_mimes) and we simply add the ones we want additionally. The “new” array will then be returned to WordPress.

  Don’t forget that this is only EXAMPLE code – you’ll have to modify it to match your needs.

And that’s all folks … 

Donation options


Donations are very much appreciated, but not required. Donations will be used for web-hosting expenses, project hardware or a motivational boost (a drink or snack). Thank you very much for those have donated already! It's truly AwEsOmE to see that folks like our articles and small applications.

Please note that clicking affliate links, like the ones from Amazon, may result in a small commission for us - which we highly appreciate as well.

Comments


There are 17 comments. You can read them below.
You can post your own comments by using the form below, or reply to existing comments by using the "Reply" button.

  • Nov 26, 2014 - 8:22 AM - Kamiyab Comment Link

    can i upload ‘xap’ windows app file

    plz give me code of ‘xap’ app

    Reply

    Kamiyab

    • Nov 26, 2014 - 8:52 AM - hans - Author: Comment Link

      Hi Kamiyab,

      according to the xap Wiki information you simple add:

      'xap' => 'application/x-silverlight-app',

      (for example right after line #15)

      Note that they also state that xap will be replaced with APPX (wiki) – I presume it will have the same MIME code, but I cannot verify this. So that could potentially be:

      'appx' => 'application/x-silverlight-app',

      Hope this helps …

      Reply

      hans

  • Nov 29, 2014 - 6:32 AM - Kamiyab Comment Link

    know say me about ‘obb’  file …..code

    Reply

    Kamiyab

    • Nov 30, 2014 - 3:06 AM - hans - Author: Comment Link

      To find out what to do for a file, I simply Google the extension with the phrase “mime” added. So in this example:

      obb mime

      This way you’ll find a description of the filetype and it’s mime type. In the example of an “obb” file:

      Category: Archive files
      Application: Android SDK
      Mime-type: application/octet-stream

      Based on this you can compile your own file type exception:

      'obb' => 'application/octet-stream',

      Repeat this for all file extensions you need … 

      Please feel free to post them here so others might be saved the work as well … 
      Hope this helps!

      Reply

      hans

  • Jan 6, 2016 - 9:03 AM - Keith Comment Link

    What about .ai and .indd

    Reply

    Keith

    • Jan 6, 2016 - 11:46 AM - hans - Author: Comment Link

      Hi Keith,

      you can look those up at Dottoro Web Reference (I have to admit that I had to Google it as well).

      So the code would become (adding .ai and .indd):

      add_filter('upload_mimes', 't4a_add_custom_upload_mimes');
      
      function t4a_add_custom_upload_mimes($existing_mimes){
          return array_merge($existing_mimes, array(
              'ai' => 'application/postscript',     // Adobe Illustrator
              'indd' => 'application/x-indesign', // Adobe Indesign
              'csv' => 'application/octet-stream',
              'xml' => 'application/atom+xml',
              '7z' => 'application/x-7z-compressed',
              'rar' => 'package/rar',
              'tar' => 'package/x-tar',
              'tgz' => 'application/x-tar-gz',
              'apk' => 'application/vnd.android.package-archive',
              'zip' => 'package/zip',
              'img|iso' => 'package/img',
              'gz|gzip' => 'package/x-gzip',
              'deb|rpm' => 'package/x-app',
              'ttf|woff' => 'application/x-font') );
          return $existing_mimes;
      }

      Reply

      hans

  • Oct 20, 2016 - 2:04 AM - Johng906 Comment Link

    Thanks for sharing it ebbbeadaadeb

    Reply

    Johng906

    • Oct 20, 2016 - 8:35 AM - hans - Author: Comment Link

      Thanks for taking the time to post a “thank-you” – it’s much appreciated 

      Reply

      hans

  • Feb 24, 2020 - 7:01 AM - jean Comment Link

    It just doesn’t work

    Reply

    jean

    • Feb 24, 2020 - 8:30 AM - Hans - Author: Comment Link

      Not sure what to tell you – I’ve added this to my website in 2013, and it’s still running just fine even with the latest WordPress version 
      Did you add the code to functions.php, and are you needing it for anything in particular?

      Reply

      Hans

      • Feb 24, 2020 - 8:34 AM - jean Comment Link

        Yes I did. I needed to upload rar files, everyone was suggesting the same script you posted here on google, but never worked for me. I have also tried to download plugins, they didn’t work too.

        In the end I fixed by adding this line of code inside my wp-config.php

        define('ALLOW_UNFILTERED_UPLOADS', true);

        Now I can upload rar files correctly.

        Reply

        jean

      • Feb 24, 2020 - 8:42 AM - Hans - Author: Comment Link

        I would not recommend using that option – it’s pretty unsafe.
        Of course depending on where you need it. If you only need it in the Admin pages, and you’re the only admin, and you do not allow anyone to upload content anywhere on your website, it may be fine. I’d be nervous using that solution though.

        This should work though – mind the name of the function (this is where I sometimes goof up):

        add_filter('upload_mimes', 't4a_add_custom_upload_mimes');
        
        function t4a_add_custom_upload_mimes($existing_mimes){
            return array_merge( $existing_mimes, array( 'rar' => 'package/rar') );
            return $existing_mimes;
        }

        Maybe place it way in the top of your functions.php (but you probably already tried that).
        WordPress can be confusing …

        Reply

        Hans

        • Feb 24, 2020 - 9:00 AM - jean Comment Link

          Tried your new script and no, it doesn’t work. I must say I’m inside a child theme, and I’m using the Theme Editor inside wordpress admin panel to update the file, I’m not using ftp. But I don’t think this should be a problem

          Reply

          jean

        • Feb 24, 2020 - 9:43 AM - Hans - Author: Comment Link

          I’ve never edited a file like that (always use FTP and a text editor on desktop).
          Does the theme editor actually allow you to edit functions.php?
          I’m just wondering as it must be theme specific, since usually (if at all) this is done for CSS files. But I suppose it is not impossible – just have never seen this.

          I’d verify the actual functions.php file to make sure it really is there.

          Reply

          Hans



Your Comment …

Do not post large files here (like source codes, log files or config files). Please use the Forum for that purpose.

Please share:
*
*
Notify me about new comments (email).
       You can also use your RSS reader to track comments.


Tweaking4All uses the free Gravatar service for Avatar display.
Tweaking4All will never share your email address with others.