Password-protect access to WordPress with Apache

To configure Apache to request a username and password when accessing your application, follow these steps:

  • Log in via SSH to your WordPress instance.

  • At the console, type the following commands. Remember to replace USERNAME and PASSWORD with your desired username and desired password respectively.

    $ cd /opt/bitnami
    $ sudo ./apache/bin/htpasswd -cb apache/conf/wordpress_users USERNAME PASSWORD
  • Edit the /opt/bitnami/apache/conf/vhosts/wordpress-vhost.conf file and add the following lines. You also need to comment the Require all granted line as shown below:

    AddType application/x-httpd-php .php
    <VirtualHost _default_:80>
          # Require all granted
          DirectoryIndex index.html index.php
          AuthType Basic
          AuthName "Authentication required to enter the site"
          AuthUserFile "/opt/bitnami/apache/conf/wordpress_users"              
          Require valid-user
  • Restart the Apache server in each WordPress instance:

    $ sudo service bitnami restart apache

When accessing the application, you will see the following authentication popup window. Enter the username and password that you have defined in the first step:

Authentication required

To change the password later, run the htpasswd utility without the -c switch:

$ sudo /opt/bitnami/apache/bin/htpasswd /opt/bitnami/apache/conf/wordpress_users USERNAME
Last modification February 20, 2019