Is your WordPress site returning a 401 error?
It’s one of the most perplexing WordPress issues because it can lock you out of your site.
There are other names for the 401 error, including Error 401 and 401 Unauthorized Error. The warning ‘Access is forbidden due to invalid credentials’ or ‘Authorization required’ is sometimes displayed with these problems.
In this article, we’ll teach you how to fix the 401 problems in WordPress using various methods. We’ll also talk about what causes it and how to stay away from it in the future.
Contents
What Causes a WordPress 401 Error?
Incorrect authentication while talking with the WordPress hosting server causes the 401 error in WordPress.
If your WordPress admin folder is password-protected, for example, not inputting a password will result in a 401 error page on the WordPress login and admin pages.
However, you may get this issue even if your website does not have any particular password protection.
During a brute force attack, WordPress security plugins, for example, can shut down your admin area.
Security measures used by hosting firms to secure your WordPress website are another prevalent reason for this issue. When your WordPress login pages are frequented frequently, these security mechanisms begin to display this problem.
The 401 error is most commonly seen on the WordPress admin and login pages. It may, however, appear on all pages of your website in some situations.
You’ll have to figure out what’s causing the problem and then fix it.
So, let’s have a look at some different options.
1. Remove the password protection on the WordPress admin page for the time being.
If your WordPress admin directory is password-protected, this could be the solution you’re looking for.
Your admin directory password may have been forgotten, or your server setup may have changed.
Locate the Directory Privacy or Password Protected Directories icon in your WordPress hosting control panel.
When you access it, you’ll see all of your hosting account’s files and directories. Go to your wp-admin directory and click on the name to pick it.
The password protection settings will now be displayed in the control panel. Simply uncheck the box next to the ‘Password protect this directory option and save the file.
After that, go back to the top of the page and scroll down to the bottom. You’ll need to erase the username you used to access your password-protected directory from here.
Your WordPress admin directory’s password protection has been successfully disabled. You can now attempt to access your WordPress website.
If everything is working well, you may create a new user and password to enable password security for your WordPress admin area.
2. Clear the Firewall Cache in WordPress to Fix the 401 Error
If you use a cloud-based WordPress firewall service like Sucuri or Cloudflare, the firewall may fail to communicate with your website, resulting in a 401 error.
Sucuri Firewall’s Cache Purge
If you’re using Sucuri, go to the ‘Performance’ page from your Sucuri dashboard. To clear the cache, go to the ‘Clear Cache’ tab and click the ‘Clear Cache’ button.
Cloudflare Cache Purge
If you’re using Cloudflare, navigate to the ‘Caching’ area of the Cloudflare dashboard. To delete all cache, go to this page and click the ‘Purge everything’ button.
After you’ve cleared the cache on your firewall, go ahead and remove the cache on your browser or WordPress.
3. Turn off all WordPress plugins.
The 401 error can also be caused by a malfunctioning or improperly installed WordPress plugin. To determine if one of your WordPress plugins is causing the error, temporarily disable all of them.
By going to the plugins page in the admin area, you can easily deactivate WordPress plugins.
If you can’t get into the WordPress admin area, you’ll have to disable all WordPress plugins via FTP.
Using an FTP client, connect to your WordPress site. Once connected, navigate to the /wp-content/plugins folder and change it to plugins. deactivated.
All WordPress plugins will be deactivated if the plugins folder is renamed.
You can now try to log in to your WordPress website’s admin section. If everything appears to be in order, it is likely that one of the plugins was the source of the problem.
Switch back to your FTP client and rename the plugins folder to merely plugins once more.
After that, go to the plugins page in the WordPress admin area. You can now enable each plugin one by one until the 401 error appears again.
This will assist you in identifying the plugin that is causing the problem. Once you’ve located the plugin, you can either contact the plugin’s support or look for an alternative.
4. Change to the Default WordPress Theme
A feature within your WordPress theme may occasionally cause the 401 error on your website. To find out, you need to temporarily switch to a default WordPress theme.
The WordPress team creates default themes, which are included with the standard WordPress installation. Twenty-nineteen, twenty-seventeen, twenty-sixteen, and other themes are among them.
To begin, navigate to the Appearance » Themes page. If you have a default WordPress theme installed, you may now activate it.
If your site does not already have a default theme, you must install and activate one. Instructions on how to install a WordPress theme can be found in our tutorial.
After you’ve changed the theme, you may go ahead and test your website. If everything is working properly now, it is likely that your theme was the source of the 401 error.
You can report the problem to the theme developer, who may be able to assist you in resolving it. If it doesn’t work, you can change your WordPress theme permanently.
5. WordPress Password Reset
If someone tries to input a password repeatedly, WordPress hosting companies may limit access to the wp-admin and login pages.
Your access will be momentarily blocked in that instance, but you can try again within a few minutes.
However, recovering a forgotten WordPress password is preferable to guessing your password.
You will receive an email from WordPress with a link to change your password. The issue with this strategy is that WordPress may occasionally fail to deliver emails.
Don’t worry if you don’t receive the email. phpMyAdmin can also be used to reset the WordPress password.
6. Please contact a WordPress hosting company.
To avoid attacks, several WordPress hosting firms identify suspicious activity on a WordPress website and prohibit access.
These security measures may only affect the WordPress admin area, rendering your login page inaccessible for a period of time.
If it does not return to normal, or if you are seeing 401 errors on all of your site pages, you should immediately contact your WordPress hosting provider.
Their team will be able to investigate the access and error logs and resolve the problem for you.
You can safeguard your WordPress admin area from illegal access in the future by following our entire WordPress security tutorial.
We hope that one of these methods was able to assist you in resolving the 401 issues in WordPress. You might also be interested in our comprehensive WordPress troubleshooting guide, which includes step-by-step directions for resolving common WordPress issues on your own.