A username and password are being requested by http://xyz.com. The site says: "Restricted Area"

August 12, 2014 8.8k views

When I click on login for Wordpress I get a login box saying, A username and password are being requested by http://xyz.com. The site says: "Restricted Area". I have to enter the original login info for admin. How do I make this go away?

2 Answers

The password prompt is added for additional security on the WordPress admin page. You can disable it by editing /etc/apache2/apache2.conf From the full tutorial, One-Click Install WordPress on Ubuntu 14.04 with DigitalOcean:

To remove the additional password prompt, you'll need to log into your VPS instance through SSH.... Once logged in, you need to update the main Apache configuration file. Open it as root with your text editor:

nano /etc/apache2/apache2.conf

Inside, you need to find the section that deals with the "/wp-admin/" section. It should look like this

<DirectoryMatch ^.*/wp-admin/>
    AuthType Basic
    AuthName "Please login to your droplet via SSH for login details."
    AuthUserFile /etc/apache2/.htpasswd
    Require valid-user
</DirectoryMatch>

This entire section can be commented out by placing the "#" character before each line, like this:

#<DirectoryMatch ^.*/wp-admin/>
#    AuthType Basic
#    AuthName "Please login to your droplet via SSH for login details."
#    AuthUserFile /etc/apache2/.htpasswd
#    Require valid-user
#<DirectoryMatch>

Once this is complete, you can restart Apache for your new changes to take affect.

service apache2 restart

This should remove the additional password prompt from the administrative areas, which is usually okay since WordPress itself can handle authentication.

Hi,

I do not have this section in my /etc/apache2/apache2.conf file. I keep getting the login prompt on my sites. There must be settings to change somewhere else...

<DirectoryMatch ^.*/wp-admin/>
    AuthType Basic
    AuthName "Please login to your droplet via SSH for login details."
    AuthUserFile /etc/apache2/.htpasswd
    Require valid-user
</DirectoryMatch>
Have another answer? Share your knowledge.