I remember the first time I tried uploading a client’s résumé through a Contact Form 7 form and boom, error. “This file type is not allowed.” It was a PDF, nothing shady, just a simple document. But WordPress didn’t like it. That’s when I realized how confusing Contact Form 7 acceptable file types can be, especially if you’re not a developer.
If you’ve ever wondered why your form blocks files or how to let users upload just PDFs or DOCX safely, you’re not alone. This guide breaks down which file types CF7 accepts by default, how to customize them, and how to troubleshoot common issues.
By the end, you’ll know how to manage file uploads in Contact Form 7 with ease.
Table of Contents
- What Are Acceptable File Types in Contact Form 7?
- Default File Types Allowed in Contact Form 7
- How to Allow Specific File Types in Contact Form 7
- Setting File Upload Limits (Size + Type)
- Troubleshooting: File Upload Not Working for PDF, DOCX, or Others
- MIME Types vs File Extensions: What’s the Difference?
- How to Restrict File Upload Types for Safety
- Best Practices for File Upload Security in CF7
- FAQ — About Contact Form 7 File Uploads
- Keep File Uploads Clean and Simple
What Are Acceptable File Types in Contact Form 7?
In Contact Form 7, acceptable file types are formats your form can safely receive like .pdf, .jpg, or .docx. But it’s not just about file extensions. WordPress checks the file’s identity (MIME type) too.
Think of it like airport security: the file extension is your boarding pass, but the MIME type is your passport. Both must match to pass through.
CF7 uses WordPress’s internal validation, so even if you add a file field, uploads won’t work unless the type is on WordPress’s approved list. Want to control what’s allowed? Use the filetypes: attribute in your form tag:
[file resume-upload filetypes:pdf|docx] That’s it. You’re telling CF7, “Only allow these file types here.”
So, acceptable file types in CF7 = what you define with filetypes: + what WordPress confirms via MIME type.
Default File Types Allowed in Contact Form 7
By default, Contact Form 7 acceptable file types include many common formats like images, documents, videos, and audio. If you’ve ever added a file upload field and wondered why some files go through while others throw an error, it’s because WordPress only allows certain types by design.
Here’s a quick table to make it crystal clear:
| Extension | Type | Description |
| .jpg, .jpeg | Image | Standard photo/image formats |
| .png, .gif | Image | Transparent and animated |
| Document | Portable Document Format | |
| .doc, .docx | Document | Microsoft Word formats |
| .ppt, .pptx | Document | PowerPoint presentations |
| .odt | Document | OpenDocument text format |
| .avi, .mov | Video | Video file formats |
| .mp4, .mpg | Video | Widely used media types |
| .mp3, .m4a | Audio | Music and sound clips |
| .wav, .wmv | Audio/Video | Older media types |
| .ogg | Audio | Open-source media format |
These are what WordPress and CF7 consider “safe.” You can upload them without needing to tweak anything. But here’s the catch your server or hosting setup might limit these further. I’ve seen clients able to upload .docx on one site, but blocked on another using the same form.
Contact Form 7 allows files like .pdf, .docx, .jpg, and .mp4 by default, but actual support depends on WordPress and your server settings.
If something unexpectedly fails, don’t panic. It’s often a MIME type mismatch or server rule not your form’s fault.
How to Allow Specific File Types in Contact Form 7
Let’s say you want to let users upload only PDFs, DOCX files, or ZIPs—nothing else. Contact Form 7 makes this easy with a simple tweak to your form’s tag using the filetypes: attribute.
Here’s how to do it step-by-step:
- Go to your Contact Form 7 editor in WordPress.
- Click on the “File” tag generator (right above your form field).
- In the popup, find the option called “File types”.
Enter the allowed extensions, separated by a pipe symbol (|). Example: python pdf|docx|zip
- Click Insert Tag, and you’ll get something like this: [file file-upload filetypes:pdf|docx|zip]
- This short line of code does something powerful—it tells CF7 to only accept .pdf, .docx, or .zip files from users.
To allow specific file types in Contact Form 7, use the filetypes: attribute like this: [file file-upload filetypes:pdf|docx|zip]
Think of the pipe (|) as the “or” in the equation. You’re saying: “Accept this OR that OR that.” No commas. No spaces. Just clean and simple.
Pro tips for begginner: Always double-check the spelling of your extensions—jpeg ≠ jpg, and doc ≠ docx.
If you prefer using the plugin UI instead of editing shortcodes manually, just use the Tag Generator. It’s user-friendly and prevents formatting errors. I recommend grabbing a quick screenshot of the Tag Generator window here for visual learners (insert it just below this paragraph).
Setting File Upload Limits (Size + Type)
Want to stop users from uploading massive files that crash your site? Contact Form 7 makes it easy to limit both the file size and file type right in your form tag.
Here’s how: Just add the limit: attribute to your file upload field. It sets the max size in bytes.
For example, if you want to limit uploads to 1MB:
plaintext[file upload limit: 1048576 filetypes:pdf|docx]
That “1048576” is 1 megabyte (1MB = 1024 × 1024 bytes). You can change the number to fit your needs.
Use filetypes: and limit: together for better control. That way, you’re saying, “Only accept PDFs or DOCX, and they must be under 1MB.”
Also, keep in mind—WordPress and your server also have their own upload limits. So even if CF7 allows 5MB, your hosting might block it at 2MB.
To limit file size in Contact Form 7, use limit:1048576 in your file tag. Combine it with filetypes: for safer uploads.
Troubleshooting: File Upload Not Working for PDF, DOCX, or Others
Tried uploading a normal PDF or DOCX and got hit with “This file type is not allowed”? You’re not alone—it happens more often than you’d think.
Why It Happens:
- MIME type mismatch – Even if the file extension is allowed, WordPress checks the MIME type too.
- Server restrictions – Some hosts block uploads for security.
- Form tag issues – Typos in your [file] tag can silently break uploads.
1. Add MIME Types via Code
Add this to your functions.php:
function add_custom_mime_types( $mimes )
{ $mimes[‘docx’] =’application/vnd.openxmlformats-officedocument.wordprocessingml.document’; return $mimes;}
add_filter( ‘upload_mimes’, ‘add_custom_mime_types’ );
2. Use WP Extra File Types Plugin
Don’t want to touch code? Install the plugin, enable your file types in Settings → Extra File Types, and save.
If your PDF or DOCX upload fails in CF7, check MIME settings or use the WP Extra File Types plugin.
With these quick tweaks, your uploads should work like a charm!
MIME Types vs File Extensions: What’s the Difference?
Ever uploaded a file that looked totally fine like a .docx but still got slapped with a “file type not allowed” error? Yep, I’ve been there too. It’s frustrating, especially when everything looks right on the surface.
A file extension is what you see (.pdf, .jpg), but a MIME type is what WordPress checks behind the scenes to make sure the file is actually what it claims to be.
- Let’s break that down with a quick real-world metaphor:
A file extension is like a name tag at a party — it tells people who you are. - A MIME type is your government-issued ID — it proves you are who you say you are.
So, even if someone shows up with a name tag that says “.pdf,” WordPress checks the MIME type (like application/pdf) to confirm it’s legit. If those two don’t match? Access denied.
Why This Matters in CF7
Contact Form 7 relies on WordPress’s file verification system. That means both the extension and MIME type need to match up for a file to be accepted. If either one is off even slightly the upload fails.
You allow .docx in your form, but your server doesn’t recognize the MIME type application/vnd.openxmlformats-officedocument.wordprocessingml.document. Boom. Error.
If this mismatch keeps happening, try adding the missing MIME type manually in your theme’s functions.php, or use a plugin like WP Extra File Types to avoid dealing with code.
MIME types verify the actual file content, while file extensions just describe it. In Contact Form 7, both must match or the upload will fail.
How to Restrict File Upload Types for Safety
Let me tell you a quick story. A client once asked me why someone tried to upload a .exe file through their résumé form. Yep an executable file. That’s when I realized just how important it is to lock down file uploads in Contact Form 7.
Only allow the file types you actually need like .pdf or .docx. Use the filetypes: attribute to keep things tight.
Why It’s Critical
Allowing any file type is like leaving your front door wide open. Hackers can sneak in.php, .exe, or even corrupted images which could lead to malware on your site. It’s safer to never let those files through in the first place.
How to Restrict File Types in CF7
Use the filetypes: parameter to accept only specific formats. [file resume filetypes:pdf|docx] This tells CF7 to only accept PDF and DOCX files. Use [file resume filetypes:pdf|docx] to block all other file types in Contact Form 7.
Keep It Simple
Most forms only need a few file types:
- .pdf for documents
- .docx for editable files
- .jpg or .png for images
Avoid letting users upload video, script, or compressed files unless it’s absolutely necessary.
Best Practices for File Upload Security in CF7
File uploads can be risky if not properly secured. Here’s how to keep things safe without overcomplicating it:
- Use a Security Plugin: Tools like Wordfence or Sucuri can scan uploads for malware and alert you to threats.
- Block Dangerous File Types: Never allow .exe, .php, or .js. Stick to safe formats like .pdf, .docx, and .jpg.
- Secure Upload Folders: Prevent public access to uploaded files with an .htaccess rule or plugin settings.
- Clean Up Regularly: Delete old or unused files monthly using WP-Optimize or a similar tool.
Treat uploads like a guest list only let trusted files in, and always lock the door behind them.
FAQ — About Contact Form 7 File Uploads
1. How do I allow specific file types in Contact Form 7?
Use the filetypes: attribute in your form tag.
Example: [file upload filetypes:pdf|docx|jpg]. This tells CF7 to only accept those file formats.
2. Why is PDF or DOCX upload not working in Contact Form 7?
It’s usually a MIME type mismatch. Fix it by adding the correct MIME type in your theme’s functions.php, or use a plugin like WP Extra File Types.
3. Where can I find the default file types supported by Contact Form 7?
They’re listed in the official plugin documentation. We’ve also included a clear table of all default types (like .pdf, .jpg, .docx) in the section above for easy reference.
4. Can I restrict uploads to just images or documents?
Yes! Just list only those file types in the filetypes: attribute.
Example: [file media filetypes:jpg|png|pdf|docx]. This blocks everything else automatically.
5. What’s the difference between a MIME type and a file extension?
File extensions are what users see (like .pdf),
but MIME types are what WordPress uses to verify the actual file content (like application/pdf). Both must match for uploads to succeed.
Keep File Uploads Clean and Simple
File upload errors in Contact Form 7 can seem tricky at first, but they’re usually easy to fix once you understand how filetypes and MIME types work.
Stick to the formats you need like PDF or DOCX and define them clearly with the filetypes: attribute. Keep your uploads secure by avoiding risky file types and using tools like Wordfence or WP Extra File Types.
Once it’s set up right, CF7 file uploads just work. Simple, safe, and stress-free. Got stuck? Drop a question in the comments I’ve been there too.