Question

A username and password are being requested by http://xyz.com. The site says: "Restricted Area"

Posted August 12, 2014 18.1k views

When I click on login for Wordpress I get a login box saying, A username and password are being requested by http://xyz.com. The site says: “Restricted Area”. I have to enter the original login info for admin. How do I make this go away?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers

The password prompt is added for additional security on the WordPress admin page. You can disable it by editing /etc/apache2/apache2.conf From the full tutorial, One-Click Install WordPress on Ubuntu 14.04 with DigitalOcean:

To remove the additional password prompt, you’ll need to log into your VPS instance through SSH.... Once logged in, you need to update the main Apache configuration file. Open it as root with your text editor:

nano /etc/apache2/apache2.conf

Inside, you need to find the section that deals with the “/wp-admin/” section. It should look like this

<DirectoryMatch ^.*/wp-admin/>
    AuthType Basic
    AuthName "Please login to your droplet via SSH for login details."
    AuthUserFile /etc/apache2/.htpasswd
    Require valid-user
</DirectoryMatch>

This entire section can be commented out by placing the “#” character before each line, like this:

#<DirectoryMatch ^.*/wp-admin/>
#    AuthType Basic
#    AuthName "Please login to your droplet via SSH for login details."
#    AuthUserFile /etc/apache2/.htpasswd
#    Require valid-user
#<DirectoryMatch>

Once this is complete, you can restart Apache for your new changes to take affect.

service apache2 restart

This should remove the additional password prompt from the administrative areas, which is usually okay since WordPress itself can handle authentication.

Hi,

I do not have this section in my /etc/apache2/apache2.conf file. I keep getting the login prompt on my sites. There must be settings to change somewhere else…

<DirectoryMatch ^.*/wp-admin/>
    AuthType Basic
    AuthName "Please login to your droplet via SSH for login details."
    AuthUserFile /etc/apache2/.htpasswd
    Require valid-user
</DirectoryMatch>
Submit an Answer