WordPress Upload HTTP Error Fix

Several versions of WordPress ago, I started sporadically encountering a problem while trying to use the Flash uploader in WordPress. Every time I tried to upload something using the Flash uploader, I would just get this HTTP Error message:

A Screenshot of the HTTP Error message when attempting to upload a files in WordPress

I searched for a solution to the problem and found that it was a bug in one of the older versions of WordPress. Now, several versions later, it’s still happening. I’ve seen it on both WordPress 2.7 and WordPress 2.8. More Googling revealed several tips about about adding directives to the .htaccess file. I tried each of them, but with no success.

The most puzzling part of this problem for me was that I have several different installations of WordPress on different servers and different versions, but this error was only happening on some of them. After I actually sat down and thought about the problem, I realized that the error was only occurring on the WordPress installations that I had set to be private through the authorization control using my .htaccess files. Those sites have an .htaccess file in the root directory which starts with something like this:

AuthName "private site"
AuthType Basic
AuthUserFile /home/private/.htpasswd
Require valid-user

This causes a dialog box to pop up when you try to go to the site. You have to specify a correct username and password, as specified in the .htpasswd file, in order to gain access to the site.

After realizing there might be a connection with this, I tested using the flash uploader on one of my sites with the htaccess authentication turned off. Sure enough, it worked like a charm. So after realizing that the HTTP Error was definitely related to this, a solution was easier to find.

The solution that worked for me was to create an .htaccess file in the wp-admin directory. The htaccess file should have the following rules in it:

AuthType Basic
AuthName share
Satisfy Any
Order deny,allow
Allow from all

<IfModule mod_security.c>
<Files async-upload.php>
SecFilterEngine Off
SecFilterScanPOST Off

Since adding this file, I’ve been using the image uploader on my protected sites without a problem.

Public Alley 404

Public Alley not found:

View Larger Map

HTTP Errors

Here’s a great Flickr set on interpretations of the different HTTP Errors:

An Illustration of the HTTP Error 400. Shows a hot dog with two ice cream scoops and a cherry on top

Conditional Classnames

Paul Hammond has a very clever idea about avoiding conditional sytlesheets for Internet Explorer. Basically, if we just use conditional comments for IE to include a classname in the body tag, we can isolate the specific IE rules in the main stylesheet.


  • Avoids any extra HTTP requests for files with IE-only hacks
  • Slicker than including that monstrosity inside the head tag
  • Allows for easier reading and maintenance of stylesheets. The IE hacks can be placed where they’re relevant in the stylesheet.


  • Doesn’t this defeat the entire idea of separating out hacks from standard CSS?

Does anyone else have opinions on the matter?

Current Web Design Resources

I’ve been steadily working on a new web design project which will eventually become a custom WordPress template. In the design process I’ve slowly managed to amass several browser windows full of tabs of related things that I was looking at for inspiration on the site.

Safari is getting pretty slow with all of those tabs so I kind of needed to do a complete dump of the tabs. Without further ado, here are the links (for my benefit as much as yours).


CSS Galleries

WordPress Themes (Inspiration)

Photoshop and Illustrator Tutorials

Other Stuff