Hi folks - brand new clean install of Wordpress but when looking at the Application password feature (required for this particular build), I see the message:
“Your website appears to use Basic Authentication, which is not currently compatible with Application Passwords.”
I’ve not basic auth turned on, site is open and as I said above, it’s a vanilla install of WP.
Can anyone point me in the right direction?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Sign up for Infrastructure as a Newsletter.
Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
Heya,
This message often appears when there is some form of Basic Authentication configured at the server level, which might be interfering with the Application Passwords feature in WordPress.
Debugging Steps:
Check Web Server Configuration: Inspect your web server’s configuration files (e.g.,
.htaccess
for Apache,nginx.conf
for Nginx) to make sure there is no Basic Authentication being applied to the WordPress directories or elsewhere.Check Plugins: Even though it’s a new install, check if any plugin might be enabling Basic Authentication inadvertently. Deactivate all plugins to see if the problem persists.
Check Theme Functions: Inspect your theme’s
functions.php
file for any custom code that might be enabling Basic Authentication.Check Droplet Configuration: Since you are on a Droplet (presumably from DigitalOcean), also check any configurations or settings provided by DigitalOcean which might have set up Basic Authentication on the server.
Specific Solutions
Disable Basic Authentication: If you find any Basic Authentication configuration, try to comment it out or remove it, then restart your web server and see if it solves the problem.
For Apache you may find lines like these in your
.htaccess
file orhttpd.conf
file:Modify REST API Prefix: If you are unable to disable Basic Authentication for some reason, you might try changing the REST API prefix in WordPress. By default, the REST API prefix is
wp-json
, and some security configurations may block access to URLs with this prefix. Try changing it to something else in yourwp-config.php
file:This will change the API URLs to something like
https://yoursite.com/new-prefix/wp/v2/
.Check the Server Logs
Don’t forget to check your web server’s error logs for any messages or hints related to the issue. They might contain useful information that can help you troubleshoot the problem.
Hello @digitalocean304971
The Application Passwords feature in WordPress communicates via the WordPress REST API, and it seems like the error message you are seeing indicates an issue with that functionality. I suggest checking your .htaccess file, as certain rules may conflict with the REST API. In case this problem persists, try disabling all plugins and switch to a default WordPress theme to isolate the issue.
Additionally, depending on your Droplet’s setup, there might be some server-level configurations affecting this. However, without specific details, it’s difficult to provide a more concrete solution.
You might find this DigitalOcean tutorial, How To Install WordPress with LAMP on Ubuntu 22.04, particularly useful. It provides a step-by-step guide on setting up WordPress, and while it’s focused on Ubuntu 18.04, the principles should be broadly applicable.
Hope that this helps!