---
title: "\"An AJAX HTTP error occurred\" when uploading media"
date: "2024-01-18T18:10:44+00:00"
summary:
image:
type: "article"
url: "/acquia-cloud-platform/help/93131-ajax-http-error-occurred-when-uploading-media"
id: "300e12cc-7261-4d59-b22c-b5a6f8a195e8"
---

If, all of a sudden, the ability to add media through result in an AJAX error, it could be that Cloudflare has detected what it believes to be a vulnerability.  
  
Error messages will show in the browser developer tools console, and a typical error message looks like this:

    Drupal.AjaxError {message: "\nAn AJAX HTTP error occurred.\nHTTP Result Code: 40…ementsByTagName('head')[0].appendChild(cpo);}());", name: 'AjaxError', stack: 'Error\n at https://www.example.com/sites/g/f…[...]
    message
    :
    "\nAn AJAX HTTP error occurred.\nHTTP Result Code: 403\nDebugging information follows.\nPath: /media/add/image?element_parents=image/widget/0&ajax_form=1\nStatusText: error\nResponseText: Just a moment...Enable JavaScript and cookies to continue

Since Drupal permissions are rigorous in protecting uploads of files to your sites, you may need to reduce the 'paranoia level' that Cloudflare gives to media uploads. These instructions are based on [the Cloudflare OWASP Core Rules reference](https://developers.cloudflare.com/waf/managed-rules/reference/owasp-core-ruleset/).  
  
In your site's Cloudflare configuration, take the following path to get to the settings starting on the left sidebar:

1.  Click on **Security**, then **WAF**
2.  Then click on the **Managed rules** tab.
3.  Edit for the **Cloudflare OWASP Core Ruleset** and lower the paranoia level from what it currently is. For example, PL2 is a lower paranoia level than PL3.

If you have Platform CDN with us, and are using Cloudflare for that service, and you get stuck, reach out to Acquia Support and we can assist.