Wordpress 2.5 upload fix

Posted by multippt

Looks like even after extensive testing on Wordpress’s side, one nasty bug managed to slip through, and it’s not the fault of Wordpress either. Apparently, anyone using mod_security on Apache will not be able to upload anything on Wordpress 2.5 or Wordpress 2.5.1. This could be because mod_security doesn’t take a liking towards the Flash uploader Wordpress now uses. This is a big problem for Wordpress, since more than 30% of the Internet uses mod_security (courtesy of Hostgator and numerous other Internet web hosts), which means these uploaders won’t work if you simply install Wordpress and do nothing else after.

The fix?

Simply create or edit your .htaccess using your text editor. Insert the following lines to the file:

<IfModule mod_security.c>
<Files async-upload.php>
SecFilterEngine Off
SecFilterScanPOST Off
</Files>
</IfModule>

That should switch off security only for your uploader, and chances are your uploader should work fine.

Alternatively, since the entire problem is caused by Flash, you could try disabling the Flash uploader using a plugin that does that.

—

A second glitch is that sometimes the media gallery in Wordpress 2.5 may not be able to insert images. In addition to that, changes to your post might be lost for unknown reasons after doing that. Nonetheless, you can insert the image in another method by copying the URL of the image in the gallery and inserting it via Add Image in the toolbar.