Upload files of any kind to WordPress

Last Revised: October 2, 2021

When we talk about uploading multimedia elements through the administration panel we usually refer to images, documents and known files.

  • Audio: M4A, MP3, OGG, WAV.
  • Documents: DOC/DOCX, ODT, PDF, PPT/PPTX/PPS/PPSX, PSD, XLS/XLSX
  • Images: GIF, ICO, JPG/JPEG, PNG.
  • Video: 3GP/3G2, AVI, MOV, MP4/M4V, MPG, OGV, WMV.

This proposal actually goes against security, since what it allows is the opposite, that the administrators of the site can upload any type of file through the panel; however, for certain needs, you may need to activate it in the configuration file [wp-config.php]:

define('ALLOW_UNFILTERED_UPLOADS', true);

Another option is to add extensions through the retouching of existing MIME Types, being able to add or remove the desired ones. To do this we can add in the [functions.php] file or by creating a specific plugin:

function wpdanger_mime_type( $mime_types ) {
  $mime_types['json'] = 'application/json'; // Añadir JSON
  $mime_types['svg'] = 'image/svg+xml'; // Añadir SVG
  unset( $mime_types['gif'] ); // Eliminar .GIF
  return $mime_types;
}
add_filter( 'upload_mimes', 'wpdanger_mime_type', 1, 1 );

Seguir con Seguridad para WordPress


About this document

This document is regulated by the EUPL v1.2 license, published in WP SysAdmin and created by Javier Casares. Please, if you use this content in your website, your presentation or any material you distribute, remember to mention this site or its author, and having to put the material you create under EUPL license.