Mac and Flash uploader problem I solved

Those directions are bad advice (in that you never edit core).

I both use mod_security and a mac and have no problem with the flash uploader. Of course, those lines don’t even exist in WordPress anymore.

I found it can be avoided by modify .htaccess file, but unfortunately my host provider(and mosts of my country, yuck) applies ‘broad’ mod_security setting, which means you have trouble with Mod_sec? then turn off it! Hell yeah~!

lpstenu, nope, I found that. location could be changed simply find with a word ‘mac’ in text editor, you can find kind annotation with no flash when mac and mod_sec and emoticon “:( ” I guess definitely have problem with mod_sec and that code(‘core’), Mac altogether. I don’t know how. but It worked.

Its shame… I had deleted installation twice. but media.php in freshly downloaded file has no such codes…

correction : I saw wrong file. It has.
// If Mac and mod_security, no Flash. ??
$flash = true;
if ( false !== stripos($_SERVER[‘HTTP_USER_AGENT’], ‘mac’) && apache_mod_loaded(‘mod_security’) )
$flash = false;

Well. I freshly uploaded. but I found that. Odd. Well, As I bound current Web host provider with annual contract, and they only support ‘system wide’ mod_sec. I had to decide override this code which sacrificing integrity or turn mod_sec off in sake of security. Which sound better?

Don’t double post please, you trip the spam filter ??

I didn’t turn off mod_security. I still use it (and can’t post certain things because of it). You CAN modify mod_sec to be less snitty though.

See https://www.ads-software.com/support/topic/disable-mod-security?replies=16

And why don’t I have it? Cause it’s not in the next version of WP ?? Heh. Forgot what version I was looking at!

Sorry, for double post for any inconvenience. and before open topic, I had search and discovered that article you given. but I’m newbie in these field to it’s hard to understand what it said, no idea. Sorry… not your fault.

Most of all, making in mod_sec related .htaccess file in in wp-admin directory makes whole admin site can’t accessible. I asked Host provider, they don’t allow modification local mod_sec disable. ?? It simply not allowed by their policy. so I reached several local host providers but they also said same(or similar) policy. I had to choose between turn mod_sec off or make modification.

and BTW, I asked the provider turn mod_sec off. then I took test but It doesn’t work. awkward? huh? So, I ‘disabled’ the code by ‘/’ then, anyway worked. They have something very awful jobs. They are one of best guys in my country. Must I’m living in terrible country. I guess. Please, understand. Goal is simple. working Flash uploader. No sacrificing security would be better(You will found several articles in this forum don’t recommend to turn off mod_sec) even in sake modification(just adding two ‘/’) in code.

‘Version’ means you read codes from not released(‘future’) version? right? so I can expect soothing from this somewhat later?

Yes, in 3.3 of WordPress this goes away.

Mod_security’s whitelist.conf is something your HOST needs to do, not you, and honestly, the flash uploader USUALLY works unless your server is set up in an unexpected way ??

https://www.ads-software.com/support/topic/disable-mod-security?replies=16#post-1266365 that post is what your host needs to edit. Many hosts, mine included, lock down mod_security but are willing to whitelist if you ask nicely.