After upgrading to the latest 2.5.x version of WordPress, I found that I was unable to upload an image. This was highly annoying as a 5-minute blog entry turned into one of those Open Source 2-hour research-and-experiment sessions. Haven’t had much of that since I stopped using Gentoo.
Anyway, the flow went like this:
- Start a new post
- Click the media uploader button
- Ooh and ahh at pretty Web 2.0 screens
- Browse for file and upload
- Get “HTTP error.” along with poorly formatted box that I think says “Crunching…”
Googling turned up this Image/Media Uploader problems page and many others which only served to throw me way off track. Was it my version of Flash? Was it my browser or its cache? Was it some setting in the admin interface? Was it mod_security?
After experimenting with a number of things (made more painful by waiting for DreamHost’s scripts to apply my changes), I finally noticed this in my web server’s error log:
[Sun May 04 09:47:13 2008] [error] [client XXX.XXX.XXX.XXX] File does not exist: /home/foo/example.com/failed_auth.html
Ever since a phpBB exploit years ago, I have been in the habit of protecting every admin directory with apache authentication. As it turned out, this protection was causing the problem as explained in WordPress Trac ticket #6846. Perhaps in the future I’ll search the WordPress Trac before hitting Google.
I temporarily disabled the authentication and found that the media upload process began to work. The longer-term solution, found at the bottom of that Image/Media Uploader problems page, is to install a tiny plugin called No-Flash-Uploader. I didn’t notice a huge change to the interface after installing and activating the plugin, but everything seems to work with authentication back in place.
Now to test it out on Lynx!