This particular WordPress issue appeared with version 5.3 and is refusing to go away. However, the problem here is not with WordPress but with the Apache ModSecurity. The particular ModSecurity rule in question is 200003 that’s been giving webmasters a headache for half a decade now.

The specific WordPress error in question is:

You will find this error message inside wp-includes/script-loader.php:

Truth be told, this error has very little to do with server resources or the image size (as long as the image size is within your WordPress and PHP limits). This error is chiefly a result of sloppy coding.

Looking further for http_error_image, you will spot it in these two files:

The clue to the error’s cause can be found in wp-includes/js/plupload/wp-plupload.js:

So it’s a 5xx error coming from the Web server. Checking the Apache logs, you will see these errors that coincide in time with your failed file upload attempts:

Open the specified location of the mod_security.conf file (/etc/httpd/conf.d/mod_security.conf in my case) and add the SecRuleRemoveById 200003 line to the end of the </IfModule> section.

Restart Apache and you should be good to go. How bad is this for your server’s security? Probably not too bad: this particular rule is known to be buggy and its value is questionable at best.