async-upload.php 403 for not admins

  • Hi !

    I have a custom worpdress multisite install with frontend upload, since the last update all the users except admins can′t upload images.

    I had to deactivate the plugin meanwhile, any solutions ?

    Thanks !

Viewing 7 replies - 1 through 7 (of 7 total)

  • Hi James,
    I have seen a few reports like this in the past days and I have asked our developers to look at it. I am currently gathering info in the issue to make it as quick as possible to solve. Would you consider sending me a diagnostics report?

    Go to Wordfence “Diagnostics” page and at the bottom click the button that says “Send Report by Email”. Change the prefilled address to [email protected] and please provide your username so I know who the mail is coming from. Please make a reply here in the forum when you have sent it so I can go grab it and file it in the correct location. Thanks in advance.

    You should be able to fix it temporarily by disabling rules in the Firewall relating to image uploads. This way you don’t have to disable the whole plugin. I’ll get back to you when I have more information.

    Hello again,
    I have some more information on this issue now. If you are getting http errors on upload of large files you are likely affected by a bug in one of our Firewall rules. The rule in question is “Malicious File Upload (Patterns)”. Possible solutions for now:

    1. Keep the offending Firewall rule “Malicious File Upload (Patterns)” deactivated until fix is released
    2. You could also theoretically increase your PHP memory limit a bit if you wanted. What is happening is that the Firewall runs out of time when it’s trying to check if the upload is safe or not.

    Neither one of those fixes works for me. Only works when I am logged in as an admin.

    I increased the memory to 500, should I do more?

    Hi markalpine,
    sorry I have a typo in the previous message. I meant to increase PHP time out limit, not the actual memory limit. My apologies.

    If you are seeing issues with more things being blocked then only large files then you may have some other problem. I would then suggest you try to disable some more Firewall rules related to uploading to see if you can find another one that is possibly causing issues in your system.

    Let me know how it goes!

    Thread Starter jamesm010

    (@jamesm010)

    Hi !

    None of the solutions works, i had to deactivate the whole plugin and things get back to work like always, i’m pretty sure that is not a problem of server resources, and yes is only happening with large image files.

    If you have more info about it, let me know.

    Thanks !!!

    Hi James,
    disabling the Firewall rule “Malicious File Upload (Patterns)” works for most people having the same issue with timeout when uploading large files. Did you try that?

    In my case I had to disable all of the following:
    Malicous File Upload
    Malicious File Upload (Patterns)
    Malicious File Upload (PHP)

    Disabling only patterns didn’t make any change.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘async-upload.php 403 for not admins’ is closed to new replies.