I was using YUI Uploader for a personal project and it works very well on my development notebook and server. However when the code is live on the server the Flash uploader failed with this error message:
[IOErrorEvent type="ioError" bubbles=false cancelable=false eventPhase=2 text="Error #2038"]
After a while I realized that it must be something server-side because when I used WireShark to see the traffic the server returns Error 500. The traffic is not captured by Firebug because it is Flash traffic.
The culprit is ModSecurity, a third party module used by most hosting companies. ModSecurity is a web application firewall that can work either embedded into Apache or as a reverse proxy.
A quick fix to allow uploads is to include these in the .htaccess file. These handle different Apache and ModSecurity versions and since we include the IfModule directive if the module is unavailable no error will be thrown. This relieves the need to consider what version of Apache and ModSecurity is used on the server.
For this example the script that handles the upload is named
# Apache 1.x and ModSecurity 1.x
# Apache 2.x and ModSecurity 1.x
# Apache 2.x and ModSecurity 2.x
That’s it! This fixes the Flash uploader problem.
By the way it might be useful to let you know that this issue was encountered on a server hosted under the Ebiz Linux package by Exabytes.