Are you experiencing a 401 error on your WordPress website?
It’s one of the most confusing WordPress errors that can prevent you from accessing your WordPress site.
The 401 error has various names, including 401 Unauthorized error. Sometimes, these errors come with messages like “Access is denied due to invalid credentials” or “Authorization required.”
In this article, we will present you with different solutions to easily fix the 401 error in WordPress. We will also discuss its causes and how to avoid it in the future.
What Causes the 401 Error in WordPress?
The 401 error in WordPress is caused by invalid authentication during the connection to the WordPress hosting server.
For example, if you have a password-protected WordPress admin folder and fail to enter the correct password, it will display the 401 error page on the login and admin pages in WordPress.
However, in some cases, you may encounter this error even without adding any password protection to your website.
For example, security plugins in WordPress can sometimes block access to the admin area during brute force attacks.
Another common reason for this error is the security measures taken by your web hosting company to protect your WordPress site. These security measures may trigger the 401 error when there is excessive access to WordPress login pages.
Most commonly, the 401 error appears on the WordPress admin and login pages. However, in some cases, it may show up on all pages of your website.
You will need to investigate the cause of the error and precisely fix it.
With that being said, let’s take a look at different solutions to quickly fix the 401 error in WordPress.
-
Temporarily Remove Password Protection on WordPress Admin
If you have a password-protected WordPress admin directory, this might be the solution you need.
You may have forgotten the password for the admin directory, or perhaps the server configuration has been changed.
Go to your WordPress hosting control panel and locate the privacy or password-protected directories setting.
Our screenshot shows the Bluehost hosting account, but most hosting control panels will have this option.
Once you open it, you will see all the files and folders on your hosting account.
Browse to the wp-admin directory and select it by clicking on the name.
The Control Panel will now display its password protection settings.
Simply uncheck the box next to the “Password protect this directory” option and click the “Save” button.
After that, click the “Go Back” button and scroll down to the bottom of the page. From here, you need to remove the username you used to log in to your password-protected directory.
You have successfully disabled the password protection for your WordPress admin directory. Now, you can try logging in to your WordPress site.
If everything is working fine, you can proceed and enable password protection for your WordPress admin area by creating a new username and password.
-
Clear the Firewall Cache to Fix the 401 Error in WordPress
If you are using a firewall service for WordPress like Sucuri or Cloudflare, you may encounter a 401 error when the firewall fails to connect to your website.
Clear the cache in Sucuri firewall:
If you are using Sucuri, log in to your Sucuri dashboard and visit the “Performance” page. Here, you need to switch to the “Clear Cache” tab and then click the “Clear Cache” button.
Clearing Cache in Cloudflare :
If you are using Cloudflare, you need to log in to your Cloudflare dashboard and navigate to the “Caching” section. From here, you need to click on the “Purge Everything” button to clear all cache memory.
After clearing the cache of the firewall, go ahead and clear your browser’s cache or WordPress cache as well. Refer to our comprehensive guide on “How to Clear WordPress Cache” for more details.
-
Deactivate All WordPress Plugins
A poorly coded or misconfigured WordPress plugin can lead to the 401 error. To find out if the error is caused by any of the plugins, you’ll need to temporarily deactivate all WordPress plugins.
You can simply deactivate WordPress plugins from within the admin area by visiting the “Plugins” page.
However, if you cannot access the WordPress admin area, you will need to use FTP to deactivate all WordPress plugins.
Simply connect to your WordPress site using an FTP client. Once connected, navigate to the /wp-content/ folder and rename the “plugins” folder to something else.
Renaming the plugins folder will deactivate all WordPress plugins.
Now, you can visit your WordPress site’s admin area and try to log in. If everything is working fine, it means one of the plugins was causing the issue.
You now need to go back to your FTP client and rename the plugins folder back to “plugins” only.
After that, go back to the WordPress admin area and navigate to the “Plugins” page. Now, you can activate each plugin one by one until you start seeing the 401 error again.
This will help you identify the problematic plugin. Once you find the plugin causing the issue, you can reach out to the plugin’s support or find an alternative plugin.
-
Switch to the Default WordPress Theme
Sometimes, a function within your WordPress theme can trigger the 401 error on your website. To check that, you need to temporarily switch to the default WordPress theme.
The default themes are created by the WordPress team and are shipped with the default WordPress installation. These themes include Twenty Nineteen, Twenty Seventeen, Twenty Sixteen, and more.
First, go to “Appearance » Themes” page. Now, if you have a default WordPress theme installed, you can activate it.
If you don’t have a default theme installed on your site, you need to install and activate one. Refer to our guide on “How to Install a WordPress Theme” for instructions.
After switching the theme, you can go ahead and test your website. If everything is working fine now, it means your previous theme was causing the 401 error.
You can report the issue to the theme developer, and they might be able to help you fix it. If that doesn’t work, you can permanently change your WordPress theme.
-
Reset WordPress Password
Sometimes, WordPress hosting companies may block access to the wp-admin pages and login if someone attempts to enter the password repeatedly.
In this case, your access will be temporarily blocked, and you can try again after a few minutes.
However, instead of guessing your password, it’s better to reset your forgotten WordPress password. You can do this by using the “Lost your password?” link on the login page.
WordPress will send you an email containing a link to change your password. The issue with this method is that sometimes WordPress may fail to send email notifications.
If you don’t receive the email, there’s no need to worry. You can also reset your WordPress password using phpMyAdmin.
-
Contact your WordPress Hosting Provider
Many WordPress hosting companies automatically detect suspicious activity on a WordPress website and block access to prevent attacks.
These security precautions sometimes only affect the WordPress admin area, and you may be unable to access your login page for a period of time.
However, if your website doesn’t return to normal or you still see the 401 error on all pages of your site, you need to contact your WordPress hosting provider immediately.
Their staff will be able to check the access logs and errors to troubleshoot the issue on your behalf.
To prevent such issues in the future, you can follow our comprehensive “WordPress Security Guide” to protect your WordPress admin area from unauthorized access.
We hope one of these solutions helps you fix the 401 error in WordPress.