rocknbil - 5:51 pm on Sep 29, 2011 (gmt 0)
I'd look for any changes in your .htaccess or a path issue. Try clearing cookies (or just use a different browser,) it may be some caching issue in your browser (long shot.)
<for others reading and arriving due to mod_security issues with wordpress>
If you can upload using the classic uploader, but not the Flash uploader, it's likely the Shockwave/Flash mod_security SecRule. Check your mod_security logs.
You don't really want to remove it completely, it's a good thing that it's there. You want to remove it ONLY for async-upload.php. First verify there's an ID on the SecRule, if not, you can arbitrarily add one. Leave a comment so someone knows what you're up to:
## see custom.conf, removedById
SecRule HTTP_User-Agent "^Shockwave Flash" "id:345343245"
If the secRule already has an ID, no need to modify it, just use the ID that's present.
Then mod the config to remove the rule by id for the location. I used custom.conf, which was an empty file. If it doesn't exist, create it and make sure it's used in the main config:
How you would access these varies by host - While the mod_security config file is accessible via WHM, I still had to SSH to the box to create and mod custom.conf.
I posted this in the Apache Forum on discovery asking if this was the most accurate approach and got no answer, so anyone with better ideas speak up. :-)