WordPress: How to “properly” allow unfiltered uploads

June 10, 2019

If you are working with a WordPress site and getting the dreaded “Sorry, this file type is not permitted for security reasons.” message, fret no more!

WordPress has a config that allows you to enable unfiltered uploads

define( 'ALLOW_UNFILTERED_UPLOADS', true );

This, however, does not always work. Especially on Multisite, which may only allow unfiltered uploads for super admin users. No bueno.

Filters to the rescue!

Drop this code into your project (I put it in mu-plugins) and viola! You will have unfettered uploads.

add_filter( 'user_has_cap', 'unfiltered_upload' );

function unfiltered_upload( $caps )
{
    $caps['unfiltered_upload'] = 1;
    return $caps;
}

See also this StackExchange message

Leave a Reply

Your email address will not be published. Required fields are marked *