WordPress 2.5 has brought a lot of fantastic improvements to the popular blogging software, but with this new release came a lot of problems with the Add media window. After looking around the web I found a lot of solutions, so I don’t take credit for this, but I’d like to help spread the word.
A lot of servers run ModSecurity a popular web application security module for the Apache Web server. I’m not an expert in this area, so I’m assuming that ModSecurity is doing something to the media uploader.
That said there is a way to exclude ModSecurity from the WordPress file being affected. In the root of your WordPress install edit your .htaccess file to include these lines.
<IfModule mod_security.c> <Files async-upload.php> SecFilterEngine Off SecFilterScanPOST Off </Files> </IfModule>
This should exempt async-upload.php from ModSecurity rules.