Brought to you by Wordpress and Modsecurity…Well, I finally got the image upload issues with my blog tracked down. Not like anybody but me cares, but that’s fine…The security software was blocking stuff that identified itself as flash, because some spammers identified themsevles as flash.
I ended up disabling that rule. The fixes I was finding were for adding something in the override, but my server is set to NOT allow individiaul users to override the rule parsing. Much more secure box that way…Hopefully, it won’t cost me in terms of getting more spam. But it was the easiest way to enable uploads for everyone using wordpress 2.5.X on my server, and not just me…
Spammers suck!
And that was my geekymoment. Might be more productive if I used some of them for clients instead of me, but this has been bugging me a long time!
editors note to people finding this post on a search: gotroot.com’s rules for useragents.conf, the spambot group, contains this rule. it breaks the wordpress 2.5.X media library file uploading. if you find a way of writing a reasonable exclusion for this rule rather than blanket disable, please share. I’m mostly a modsec noob.
Emily on 
big monkey on