MoPublication – You dont have permission to access /wp-admin/media-upload.php on this server

[bill]

Hello. I am receiving the following message when I attempt to upload an image in my dashboard via a plugin…

You don’t have permission to access /tito/wp-admin/media-upload.php on this server.
Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.

Is this a plugin firewall or .htaccess issue? Thanks in advance for any insight.

[AITpro Admin]

Most likely this does not have anything to do with BPS.  BPS does not interfere with the standard WordPress Media Uploader in any way.  How are you doing the upload?  Are you using the standard WordPress Media Uploader or are you using a plugin to upload Media via that plugin?  What type of file are you trying to upload?  How large is the file?  Are you running low on Server disk space?

[bill]

Its actually via a plugin and not WP’s media uploader… WP’s media uploader actually works fine… No issues.

[AITpro Admin]

Ok then check your BPS Security Log and post the logged error that is related to this plugin error.  Also what is the name of this plugin?

[bill]

The plugin’s name is MoPublication: http://wordpress.org/plugins/mopublication Checking security log now…  No security issue was logged…

[AITpro Admin]

Then that means the uploader is using stand alone java that fires outside the norm of php.  I’ll install and test the plugin and post whatever skip/bypass rule is needed for this plugin.  If I find that BPS Pro is blocking this plugin for a good reason then I will obviously advise you to find a safe alternative plugin.

[bill]

Ok, thank you.

[AITpro Admin]

The Media Upload method is perfectly safe in this plugin.  It is fine to whitelist this by adding this skip/bypass rule to wp-admin Custom Code.

1.  Copy this code below to this BPS Custom Code text box:  CUSTOM CODE WPADMIN PLUGIN FIXES: Add ONLY WPADMIN personal plugin fixes code here 

# media-upload.php skip/bypass rule
RewriteCond %{REQUEST_URI} (media-upload\.php) [NC]
RewriteRule . - [S=2]

2.  Click the Save wp-admin Custom Code button.
3.  Go to the Security Modes page and activate wp-admin BulletProof Mode again.

[bill]

Working perfectly now…. Thanks for everything. Everything.  It’s actually displaying the WP media uploader now… So, when I select an image to upload, instead of uploading to the plugin, it appears to be going to my media library instead. Edit: Yes, its definitely going to the media library.

When I saw that the forbidden message was removed, got excited. But, no, its not working correctly. Instead of uploading to the plugin where the image can be used for its respective purpose (e.g.; logo, icon, ad banner, etc.), the upload window looks like the reg. WP media uploader —  so when I upload the logo, icon or ad banner image (within the plugin section of the dashboard), the file goes to my media library and is not associated with/inaccessible (to the plugin).

[AITpro Admin]

That does not have to do with BPS since BPS has whitelisted the media-uploader.php file and is no longer involved in the equation.  You are probably doing something wrong procedurally.  The Media Upload window normally gives you several different ways to save files, insert files, etc.  Check the help info for this plugin to find out what you need to do procedurally.

[bill]

Will do. Thanks again.

[AITpro Admin]

I just played with the plugin for a second and what you have to do is choose Insert Into Post and NOT Save all changes.  You will then see your image in the floating mobile device graphic.

[bill]

Yahtzee!!! That’s it… Thanks!

[Author]

Posts