I was having a difficult time finding information on how to password protect a directory in WordPress without it throwing a 404 not found error. After lots of searching and multiple examples across lots of other sites, here’s the short and sweet version, all in one place.
Create a file called 401.html and add the following to it:
AUTHENTICATION REQUIRED You need a username and password to access this area.
Upload the file to the root directory of your WP install.
Add the following to an .htaccess file and upload it to the directory you want to protect:
ErrorDocument 401 /401.html AuthName "Secure Area" AuthType Basic AuthName "Password Protected Area" AuthUserFile /path/to/directory/.htpasswd Require valid-user
Add the following to an .htpasswd file and upload it to the directory you want to protect:
You can add multiple usernames and passwords to this file. Add each to its own line. Also, the password must be encrypted, which you can do here: http://www.kxs.net/support/htaccess_pw.html
- If you don’t add the 401.html file in Step 1, WordPress will throw a 404 not found error when you try to navigate to the protected directory.
- You can put the 401.html file in a folder of its own if you like, just be sure to change the location in the .htaccess file.
- Make sure to put the full server path for the AuthUserFile. Many look
similar to home/user/public_html/website/directory/.htpasswdYour webhost can help you with this. Or you can do this trick to find the full path to a file using PHP.