If you are trying to password protect a folder inside WordPress directory, then you will probably end up with ‘404 not found’ error while accessing it via web browser. This error is caused due to the WordPress Permalink feature. This tutorial will tell you how to fix 404 Error on Password protected folders inside WordPress
Before we start discussing the solution, just imagine this scenario – You have installed a WordPress under ‘public_html’ or ‘www’ directory and there is a folder named ‘protect’ which is actually password protected using .htaccess or via cPanel’s ‘Password Protect Directories’ feature. Now if you try to access the folder via web browser (say http://domain.com/protect), you will see 404 not found error.
What’s the reason for “WordPress 404 error on password protected folder”?
WordPress uses .htaccess file in the root folder to set rules for permalinks and disturbs the access to password protected folders.
Caution: Editing .htaccess will disturb WordPress permalinks and the site will break down completely. So, try out the below exercise only if you know what you are doing.
For example, below is the sample .htaccess file created by WordPress permalink feature.
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPressNow to make the password protected folder to work inside WordPress, this link suggested to replace ‘RewriteRule . /index.php [L]’ with ‘RewriteRule ./ /index.php [L]‘. But wait!! This solution made the password protected folder to work properly, but the WordPress permalinks got disturbed and all the posts & pages ended up throwing 404 errors. Since this solution didn’t work for me, I don’t recommend using it.
However, the below solution worked for me and I guess, it might work for everyone.
Fix 404 Error on Password protected folders inside WordPress
If you make any changes within ‘# BEGIN WordPress and # END WordPress’ in .htaccess file, then WordPress permalink feature will replace with its settings. So our solution will be placed outside ”# BEGIN WordPress and # END WordPress’.
Step 1: Go to WordPress root directory
Step 2: Open .htaccess
$ vim .htaccess
Step 3: Add the below lines.
ErrorDocument 401 Authorization required ErrorDocument 403 Authorization required
So .htaccess will look as below:
ErrorDocument 401 Authorization required
ErrorDocument 403 Authorization required
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPressThat’s it! Try accessing the password protected folders inside WordPress and it should prompt for username and password. This solution does not disturb WordPress permalink settings, so your pages and posts are still going to work the way it used to be.
