Have you ever tried to upload a file to your WordPress site but got the error message saying, “Sorry, this type is not permitted for security reasons” or “No field ID supplied? Please correct errors before submitting this form.”?
Both messages mean the same: You are trying to upload files to your forms that WordPress does not support. Luckily, there are few solutions to allow additional file types in Ninja Forms.
In this article, we will show you the easiest way to add additional file types to be uploaded in WordPress. All you need is our WordPress file upload plugin.
Here are the file types WordPress usually allows
If you ever asked yourself a question about what file types you can upload to WordPress, here is what you should know. Due to security reasons, WordPress only allows certain types of files to be uploaded through your site’s admin. This is the most accurate list of file types WordPress allows:
Images: .jpg, .jpeg, .png, .gif
Documents: pdf, .doc, .docx, .ppt, .pptx, .pps, .ppsx, .odt, .xls, .xlsx
Audio: .mp3, .m4a (might not work in all browsers), .ogg, .wav
Video: .mp4, .m4v, .mov, .wmv, .avi, .mpg, .ogv, .3gp, .3g2
For the most up-to-date list of accepted file types, including additional information, we recommend you to take a look at their article Accepted File Types.
Allow additional file upload types in your WordPress form
Sometimes you might find yourself needing to expand the list with additional file formats. Here is a quick solution on how to allow additional file types to be uploaded to your WordPress form using the File Uploads add-on.
Once you install the file upload plugin and navigate to your Ninja Forms form builder, you will see the File Upload field located under the Common Fields.
After you add this field to your form, you will unlock additional file upload settings including the following:
The setting where you can decide what file types you will allow your users to upload to your WordPress site is under the Restriction tab > Allowed File Types. Now let’s look at three scenarios for uploading files to your forms.
Allow a single file type
In our example below, we only allowed the Adobe Photoshop file type to be uploaded in WordPress. We entered psd into the Allowed File Types area. This means no other file types will be allowed in your forms.
Allow multiple file types
If you have a list of file types you want to allow to be uploaded in your WordPress forms, you need to use a comma-separated list. In our example we allowed the following file types to be uploaded:
- jpg
- gif
- png
- csv
- doc
- docx
- xlsx
- heic
- heif
- psd
- indd
- ai
- mp4
- mov
- ppt
Also, we set the file limit to 5, so each user can only upload a maximum of 5 files to the form.
Allow default file types for upload in WordPress
If you leave the Allowed File Types empty, all the file types supported by WordPress can be uploaded to your online forms.
Beef up security for your uploaded files
Now that you know how to allow additional file types in your forms, let’s talk a bit about the place where your uploaded files are stored.
As you might already know, by default, WordPress stores all the uploaded files in the wp-content/uploads folder on your server. This folder is an integral part of your WordPress, and we don’t control the fact that it’s publicly accessible. This fact raises a question many WordPress users ask: How do I protect my WordPress-uploaded files?
Most importantly, the security of uploaded files depends on the security of your server. Accepting uploads is always at your own risk. Using a good security service, you can minimize the risk. You might want to look into WordPress security plugins like Shield, Wordfence, Securly, and such.
In the end, for this reason, you might decide you don’t want to save uploaded files to your server. With our File Uploads add-on, you can simply disable the Save To Server option in your File Upload field. This setting will prevent saving your uploaded files to your server and to your media library.
What if the option to disable the Save to Server is not the solution you are looking for? What if you need to store your uploaded files, but the default WordPress uploads folder is not a suitable location? We offer the ability for secure uploading directly to Dropbox, Google Drive, or Amazon S3.
If you want to learn how to make sure to check out our useful step-by-step tutorials on How to Upload a File to Dropbox from WordPress, Want to Upload Files to Google Drive from WordPress, and How to Upload a File to Amazon S3 from WordPress.
If you are concerned about the security of your uploaded files, we recommend reading our guide on How to Protect Uploaded Files in WordPress Forms. It is packed with plenty of tips to keep your files secured and your website protected from attacks.
Are you ready to upload additional file types in your WordPress forms?
Congratulations! Now you know how to allow additional file types in your WordPress forms. The next time you need to allow that .psd, .ai, .indd, or other file formats not listed within the supported file types by WordPress, you can simply return to this guide.
Do you want to learn more about how to use our file upload plugin? Check our deep-dive article into File Uploads add-on: Add a File Upload Field to Your Form (Complete Guide). Here, you’ll learn the following:
- Add a file upload field to any WordPress form
- Adjust the number of files you want to accept
- Restrict uploaded files by file type and size
- Rename files and create custom folders per upload
- Attach uploads to email notifications
- Protect uploaded files to your WordPress site
- Disable storing uploaded files to your server
- Upload files to the Media Library, Google Drive, & more!
Jennifer Dodds says:
Just want to add onto this that your theme might have a spot within the function.php where file uploads are defined. You may need to insert this code into that portion of the script instead of at the end.
Additionally, this can be updated using “Code Snippets,” which is a WordPress plugin that will paste the code into the correct portion of the theme customizer for you.
Finally, BACK UP before you start screwing around in there. That’s the only other advice I would add having just read this article and used it to help update my own site.