I’m actually posting this as a fix for a problem I was just having uploading CSV files. When I tried to upload a file that had previously worked I was getting no response or error message in the page.
I could see in my JavaScript console I was getting 403 errors related to /wp-admin/admin-ajax.php when I clicked the “import data now” button.
I thought it could be to do with Bulletproof Security and found this page: https://wordpress.org/support/topic/plugin-bulletproof-security-google-analytics-plugin-by-joost-conflicts
Which states:
you just need to allow this action in the wp-admin .htaccess file. You can add this skip/bypass rule to BPS wp-admin Custom Code CUSTOM CODE WPADMIN PLUGIN FIXES: and save it so that it is saved permanently to your DB. Then activate BulletProof Mode for your wp-admin folder again.
# GAW admin-ajax.php skip/bypass rule<br />
RewriteCond %{REQUEST_URI} (admin-ajax.php) [NC]<br />
RewriteRule . - [S=2]
This works for me, but I have no idea about security issues.
It also works now with Bulletproof Security re-enabled on my multisite installation (WordPress 4.0.1).
Also see this related thread: https://wordpress.org/support/topic/403-post-errors-with-wp-adminadmin-ajaxphp-breaks-some-plugins?replies=7#post-6279829