All of our cute editor windows that allow file upload are in the admin section of the site which is password protected. I tried the code from above and am still get a "The area you are attempting to access is forbidden" message in the pop up window when you try to upload any files.

 

here is a copy of the default.config file I have made a couple modifications to use larger sizes and differnt paths but note that it did not fucntion under the default configuration either (yes each of these folders exists and if the image gallerypath is programmatically specified I am able to upload items to the /UserFiles/Media folder (or any of the other folders) even though it is not programmatically specified:

 

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
 <security name="MaxImageSize">1000</security>
 <security name="MaxMediaSize">100000</security>
 <security name="MaxFlashSize">10000</security>
 <security name="MaxDocumentSize">10000</security>
 <security name="MaxTemplateSize">1000</security>
 <security name="ImageGalleryPath">/UserFiles/Image</security>
 <security name="MediaGalleryPath">/UserFiles/Media</security>
 <security name="FlashGalleryPath">/UserFiles/Flash</security>
 <security name="TemplateGalleryPath">/templates</security>
 <security name="FilesGalleryPath">/UserFiles/File</security>
 <security name="AllowUpload">true</security>
 <security name="AllowCreateFolder">true</security>
 <security name="AllowRename">true</security>
 <security name="AllowDelete">true</security>
  <security name="ImageFilters">
    <item>.jpg</item>
    <item>.jpeg</item>
    <item>.gif</item>
    <item>.png</item>
  </security>
  <security name="MediaFilters">
    <item>.avi</item>
    <item>.mpg</item>
    <item>.mpeg</item>
    <item>.mp3</item>
    <item>.wmv</item>
    <item>.wav</item>
  </security>
  <security name="DocumentFilters">
    <item>.txt</item>
    <item>.doc</item>
    <item>.pdf</item>
    <item>.zip</item>
    <item>.rar</item>
    <item>.avi</item>
    <item>.mpg</item>
    <item>.mpeg</item>
    <item>.mp3</item>
    <item>.wav</item>
    <item>.swf</item>
    <item>.jpg</item>
    <item>.jpeg</item>
    <item>.gif</item>
    <item>.png</item>
    <item>.htm</item>
    <item>.xls</item>
    <item>.html</item>
    <item>.rtf</item>
    <item>.wmv</item>
  </security>
  <security name="TemplateFilters">
    <item>.txt</item>
    <item>.rtf</item>
    <item>.html</item>
    <item>.htm</item>
    <item>.xml</item>
  </security>
  <!-- Allow upload, disable the delete,create funtion -->
  <security name="DemoMode">false</security>
</configuration>