Keep getting 401 error from WordPress on AWS Lightsail

I’ve found a solution.

The WordPress made from AWS Lightsail instance image is bitnami WordPress.
And the bitnami WordPress is disabled Basic Authentication as default. So it needs some modification on /opt/bitnami/apps/WordPress/conf/httpd-app.conf to enable Basic Authentication. This modification is adding 3 lines below.

RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]

The httpd-app.conf ended up below.

RewriteEngine On
RewriteRule /<none> / [L,R]

<IfDefine USE_PHP_FPM>
    <Proxy "unix:/opt/bitnami/php/var/run/wordpress.sock|fcgi://wordpress-fpm" timeout=300>
    </Proxy>
</IfDefine>

<Directory "/opt/bitnami/apps/wordpress/htdocs">
    Options +MultiViews +FollowSymLinks
    AllowOverride None
    <IfVersion < 2.3 >
        Order allow,deny
        Allow from all
    </IfVersion>
    <IfVersion >= 2.3>
        Require all granted
    </IfVersion>
    
    

    <IfDefine USE_PHP_FPM>
       <FilesMatch \.php$>
         SetHandler "proxy:fcgi://wordpress-fpm"
       </FilesMatch>
    </IfDefine>

RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
    
    RewriteEngine On
    #RewriteBase /wordpress/
    RewriteRule ^index\.php$ - [S=1]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . index.php [L]

    Include "/opt/bitnami/apps/wordpress/conf/banner.conf"
</Directory>

Include "/opt/bitnami/apps/wordpress/conf/htaccess.conf"

Then restart apache or the instance itself.
Then I installed the Application Passwords plugin and I use it as a normal procedure.
The following message of the plugin displayed on the profile page has gone.

 Due to a potential server misconfiguration, it seems that HTTP Basic Authorization may not work for the REST API on this site: `Authorization` headers are not being sent to WordPress by the webserver. You can learn more about this problem, and a possible solution, on our GitHub Wiki.

The HTTP_AUTHORIZATION environment variable in the .htaccess file doesn’t need to be replaced REMOTE_USER.
Just in case, I show my .htaccess file below.

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

This solution is from this page.
The difference of solution between this solution page and my solution above is I use the Application Passwords plugin but they use the JSON Basic authentication plugin.

Related Posts:

  1. WordPress site hacked. Has .htaccess been hacked?
  2. htaccess https redirect from www to non-www
  3. .htaccess and 500 error, extra character added
  4. Place static HTML files in path below WordPress page
  5. Static raw HTML page
  6. htaccess rewrite for author query string when WP is in subfolder
  7. Why “Settings->Permalinks” creates .htaccess file on nginx server?
  8. .htaccess for wordpress inside another wordpress install
  9. .htaccess file redirecting to parent directory
  10. Rewrite /?rest_route=/ link to /wp-json/ without changing default permalink structure in apache
  11. Globally force SSL on all pages
  12. Rewrite rule not working
  13. Correct htaccess to display page while also passing in GET parameters
  14. Using “wordpress_logged_in” to restrict direct access to uploads folder in 2021
  15. Temporary .htaccess blocking is disabling WP Crons from running?
  16. .htaccess redirects disappeared after re-saving permalinks
  17. How have I misconfigured basic auth for my wordpress site?
  18. WordPress trims off the forward slash when import
  19. WordPress best solution shared theme for consumers and businesses (two url’s one instaltion)
  20. Redirect main domain to subdirectory
  21. different child theme for subdomain
  22. How do I edit the htaccess file to optimize my website?
  23. Block only external access to wp-cron.php on OpenLiteSpeed
  24. Removing code added to htaccess with insert_with_markers
  25. Site searches by Python for non-existent assets
  26. WordPress On subfolder
  27. WordPress 404 on Subdomain
  28. Can’t Access Subdirectory
  29. Override htacces rule only for specific directory
  30. How To Allow Only Specific User Agent To Access a URL?
  31. browser caching not disabled after disabling in .htaccess
  32. How to ignore folder in site root while accessing a URL
  33. How can I enable keep alive (Not accessing to Apache)
  34. HTTP sitewide, except for: wp-admin, and 2 custom directories
  35. WordPress installed in root, need second in subdirectory with different domain
  36. htaccess has broken my site
  37. TimThumb & htaccess : clean url
  38. Rules in .htaccess only if the requested URL is /wp-admin
  39. HTTP Error 406 always on site?
  40. Point all URLs to homepage but maintain URL
  41. htaccess working on local server but not on live server
  42. External content won’t load in iframe in Safari
  43. How to write .htaccess so that https is on for subpages only but not the home page
  44. Only Allow Front End Access
  45. .htacess rewrite condition: page to seconddomain/page
  46. Separate 404 page for WordPress in subfolder
  47. Custom rewrite rule, url returning 404
  48. mod_rewrite doesn’t work as I want even with JSON API Plugin disabled
  49. WordPress .htaccess file gives issues with subdirectory
  50. Need help rebuilding lost htaccess file
  51. W3 Total Cache CSS & JS files GZip issues [closed]
  52. WP Super Cache unable to locate cache file for only the homepage
  53. Cannot login to WordPress site after changing .htaccess for security purposes
  54. WordPress permalink, stop redirection
  55. How to rename index.php to home.php
  56. Strange behaviour of is_user_logged_in() and get_current_user_id()
  57. add_rewrite_rule to remove /category/ from permalink
  58. disable WordPress 404 for one specific page/folder to receive actual php errors
  59. .htaccess Non-‘www’ to ‘www’ Subdomain Redirection Only Works for Homepage
  60. .htpasswd asking for authentication on home page
  61. Non WordPress Folder in a WordPress Site
  62. WordPress login fail after .htaccess domain redirect
  63. Redirect to new domain with .htaccess [closed]
  64. Access sub-domain when root public_html is protected with .htaccess password
  65. Redirect https://www.subdomain.domain.com is not redirecting to subdomain.website.com [closed]
  66. Can’t access htaccess [closed]
  67. Htaccess rewrite based on query string, not working [closed]
  68. Redirect all subdomains to root domain
  69. Change root directory
  70. .htaccess redirect not properly working [ ?utm_source=]
  71. How to execute WordPress as though it is in the root folder while it is installed in a subdirectory?
  72. Htaccess maintenance page rules that actually work with WordPress?
  73. How to allow only vpn access to dashboard on Bitnami WordPress by IP address restricting
  74. Should I prevent access to .htaccess and wp-config.php files?
  75. Blocking wp-login in HTACCESS has also blocked password protected pages
  76. Basic Auth .htaccess on wp-login, but allow logout from woocommerce
  77. htaccess redirect to path
  78. Non-wordpress subdomain on Multisite Installation
  79. Unable leverage Browser Caching on AWS Bitnami stack (Apache) through W3TC and Cloudfront CDN
  80. Downloading zip or tar.gz inside WordPress installation?
  81. Clicking PUBLISH Now Redirects to 404 PAGE NOT FOUND
  82. Unable to find ‘full-path’ to my 404.php file
  83. Rewrite rules and maintain URL
  84. Use htaccess to redirect wordpress non-existent page to homepage
  85. Subfolder renaming
  86. Targeting .htaccess file with file_put_contents
  87. Redirect Loop in Regex Moving to HTTPS
  88. .htaccess file changes disappear
  89. Need to edit htaccess while moving on WordPress
  90. WordPress login bug. Need an emergency solution
  91. How can I create a private site that is inaccessible from the outside?
  92. .htaccess and virtual host configuration for WP in its own directory
  93. 403 forbidden due to .htaccess?
  94. Issue after changing permalink structure [duplicate]
  95. Where is the htaccess in wordpress.com hosting?
  96. rewrite rule on plugin activation
  97. Debug errors for “Destination directory for file streaming does not exist or is not writable”
  98. Url redirection using htacess for my website
  99. WordPress redirection
  100. .htaccess seems to be required but I can not find it
techhipbettruvabetnorabahisbahis forumutaraftarium24eduseduseduedueduseduedusedueduedus