Password-protect access to WordPress with Apache

To configure Apache to request a username and password when accessing your application, follow these steps:

  • Log in via SSH to your WordPress instance.

  • At the console, type the following commands. Remember to replace USERNAME and PASSWORD with your desired username and desired password respectively.

      $ cd /opt/bitnami
      $ sudo ./apache/bin/htpasswd -cb apache/conf/wordpress_users USERNAME PASSWORD
  • Edit the /opt/bitnami/apache/conf/vhosts/wordpress-vhost.conf file and add the following lines. You also need to comment the Require all granted line as shown below:

      AddType application/x-httpd-php .php
      <VirtualHost _default_:80>
            # Require all granted
            DirectoryIndex index.html index.php
            AuthType Basic
            AuthName "Authentication required to enter the site"
            AuthUserFile "/opt/bitnami/apache/conf/wordpress_users"              
            Require valid-user
  • Restart the Apache server in each WordPress instance:

      $ sudo service bitnami restart apache

When accessing the application, you will see the following authentication popup window. Enter the username and password that you have defined in the first step:

Authentication required

To change the password later, run the htpasswd utility without the -c switch:

$ sudo /opt/bitnami/apache/bin/htpasswd /opt/bitnami/apache/conf/wordpress_users USERNAME
Last modification February 20, 2019