Password Protected Folder Gives 404 Not Found in WordPress Installation Sub-folder.


Came across this little maddening issue again today after fixing it a few months back. I created a directory that is password protected using a .htaccess file. However, when trying to access this folder or anything under this directory, a File Not Found 404 error from WordPress is displayed before it even prompts you for the password. The problem here lays within the main WordPress .htaccess file

The default .htaccess file for WordPress is:

# BEGIN wordpress

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END wordpress

This means that if a file is requested from the server, if it is not a file that exists in the server’s folder directory (!-f) and if it is not a directory that exists in the server’s folder directories (!-d) then pass the request onto index.php. This way, WordPress will handle both customized URLs (such as those used for SEO) and also 404 File Not Found errors.

If you set up a password protected folder in a directory included in a WordPress install, all of a sudden WordPress takes over that folder and returns a 404 page, like the file doesn’t exist.

This happens because of a little ‘gotcha’ in the apache configuration. Luckily it is an easy fix.

In the password protected folder’s .htaccess file, you may already have the entries to ask for password access. Before all of that, place the following line:

ErrorDocument 401 /401.html

Then create a 401.html in the main folder, with any text, for example:

PASSWORD PROTECTED FOLDER - Please enter the correct username/password.

Voila, you can now enter your password protected folder again.

There is another workaround this little error, but since it involves editing the main wordpress .htaccess file, it can be overridden during an upgrade.

Solution found on: