Discover Centmin Mod today
Register Now

Wordpress Getting Your connection is not private error" and "401 Authorization Required" in Wordpress login

Discussion in 'Blogs & CMS usage' started by pheonis, Jan 18, 2019.

  1. pheonis

    pheonis Member

    54
    3
    8
    Dec 21, 2018
    Ratings:
    +4
    Local Time:
    10:58 PM
    My domain is zepper.in – Just another WordPress site. I can log in to my WordPress dashboard using https://zepper.in/wp-admin but i can't log in when i use HTTP instead of https if I use http://zepper.in/wp-admin.
    When i try to login without https, a login popup opens with"Your connection to this site is not private" written and asking username and password and then when i put the username and password it wont let me login and then when i cancel the popup "401 Authorization Required".nginx
    Along with that, I can't use some of my plugins and I get "http 500 error".
    Now i have 3 other domains in the same server,i have installed them using the same process as this. But they are working perfectly fine. I can log in using "http://" in those domains and also don't get HTTP 500 error in some plugins
    I think there is some error in the vhost file.
    Please help me out. Im just a newbie user in linux.
     
  2. eva2000

    eva2000 Administrator Staff Member

    42,001
    9,473
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,577
    Local Time:
    3:28 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    1. How was wordpress installed ? via centmin.sh menu option 22, if so read below troubleshooting steps
    2. Did you answer yes to self-signed ssl certificate / HTTPS when running centmin.sh menu option 22 ?

    Please fill in any relevant information that applies to you:
    • CentOS Version: i.e. CentOS 6 32bit or 64bit / CentOS 7 64bit ?
    • Centmin Mod Version Installed: i.e. 123.08stable or 123.09beta01
    • Nginx Version Installed: i.e. 1.15.3
    • PHP Version Installed: i.e. 5.6.37, 7.0.31, 7.1.21, 7.2.9
    • MariaDB MySQL Version Installed: i.e. 10.0.x or 10.1.xx or 10.2.xx
    • When was last time updated Centmin Mod code base ? : i.e. run centmin.sh menu option 23 submenu option 2 or cmupdate command
    • Persistent Config: Do you have any persistent config file options set in /etc/centminmod/custom_config.inc ? You can check via this command:
      Code (Text):
      cat /etc/centminmod/custom_config.inc
      

      Post output in CODE tags.

    Troubleshooting Centmin Mod Menu Option 22 Wordpress Install Run



    To troubleshoot centmin.sh menu option 22 wordpress installation, you need to check the centmin.sh menu option 22 log located in /root/centminlogs at /root/centminlogs/centminmod_*_wordpress_addvhost.log based log where * is the centminmod version and date timestamp. Edit and mask any actual ftp username/password or wordpress usernames and logins before posting the log contents to Pastebin.com or Gists to share a sanitised version of the contents of the log.

    Example list /root/centminlogs files in date ascending order and grep for wordpress_addvhost.log
    Code (Text):
    ls -lahrt /root/centminlogs | grep wordpress_addvhost.log
    

    example output returns log at /root/centminlogs/centminmod_1.2.3-eva2000.09.001_111016-112321_wordpress_addvhost.log
    Code (Text):
    ls -lahrt /root/centminlogs | grep wordpress_addvhost.log
    -rw-r--r--  1 root root 2.2M Oct 11 01:40 /root/centminlogs/centminmod_1.2.3-eva2000.09.001_111016-112321_wordpress_addvhost.log
    

    in SSH use cat to ouput contents of /root/centminlogs/centminmod_1.2.3-eva2000.09.001_111016-112321_wordpress_addvhost.log. Clear your SSH client window/buffer so only output is the contents of the file
    Code (Text):
    cat /root/centminlogs/centminmod_1.2.3-eva2000.09.001_111016-112321_wordpress_addvhost.log
    

    Then copy and paste into Pastebin.com or Gists entry. If your SSH window scroll buffer isn't that large to get the whole contents of the install log, you can download file manually and copy and paste contents. But makes sure it's sanitised version of the contents without revealing sensitive info. For example you can replace domain name of the wordpress site with generic dummy entry = domain.com if you want and mask site/server IP revealed in the log with generic dummy entry = 111.222.333.444.
     
  3. pheonis

    pheonis Member

    54
    3
    8
    Dec 21, 2018
    Ratings:
    +4
    Local Time:
    10:58 PM
    1: Using the 22 Option in Centmin
    2: Yes i used the SSL

    CentOS Version: CentOS7 64bit
    Centmin Mod Version Installed: 123.09beta01
    nginx version: nginx/1.15.7
    PHP Version Installed:PHP 7.3.0
    MariaDB MySQL Version Installed:mysql Ver 15.1 Distrib 10.1.37-MariaDB
    cmupdate: Already up to date
    Persistent Config Output:
    Code:
    cat: /etc/centminmod/custom_config.inc: No such file or directory
    Output of centminlogs/wordpress_addvhost.log
    centminmod - Pastebin.com
     
  4. eva2000

    eva2000 Administrator Staff Member

    42,001
    9,473
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,577
    Local Time:
    3:28 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    that's only a small portion of the entire log you provided so can't see it all... if the wordpress blog can be recreated, you can try uninstalling it and doing a fresh centmin.sh menu option 22 run for it

    Every centmin.sh menu option 22 run has an accompanying uninstall script at /root/tools/wp_uninstall_${vhostname}.sh where ${vhostname} = your domain name. You can run that to uninstall almost everything except mysql database which you have to manually remove yourself - extra precaution in case you accidentally run the wrong uninstall script.
     
  5. pheonis

    pheonis Member

    54
    3
    8
    Dec 21, 2018
    Ratings:
    +4
    Local Time:
    10:58 PM
    It's really hard to create the wordpress site again as i already have more than 35000 products imported and 35000 images added to media. So doing it again will be a really tough task. If i backup and restore the whole wordpress, Will the issue persist?I have 3 other website in the same server but they dont have the issue like the current one.
     
  6. eva2000

    eva2000 Administrator Staff Member

    42,001
    9,473
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,577
    Local Time:
    3:28 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    It's just easier to diagnose if uninstall reinstall if that is all of the log file from centmin.sh menu option 22 run is available that you posted as it isn't the full log expectation wise so just blindly guessing as to what the issue is. So next step without uninstalling is inspecting both non-https domain.com.conf and https domain.com.ssl.conf nginx vhost contents.

    When you create a new nginx vhost domain via centmin.sh menu option 2 or menu option 22 or via /usr/bin/nv cli command line, you will create the Nginx vhost files and directories. You will get an outputted the path location where it will create the domain name's vhost conf file named newdomain.com.conf (and newdomain.com.ssl.conf if you selected yes to self signed SSL)
    • Nginx vhost conf path will be at /usr/local/nginx/conf/conf.d/newdomain.com.conf
    • Nginx HTTP/2 SSL vhost conf path will be at /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf
    • Nginx Self-Signed SSL Certificate Directory at /usr/local/nginx/conf/ssl/newdomain.com
    • Vhost public web root will be at /home/nginx/domains/newdomain.com/public
    • Vhost log directory will be at /home/nginx/domains/newdomain.com/log
    Please post the contents of /usr/local/nginx/conf/conf.d/newdomain.com.conf and if applicable /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf wrapped in CODE tags (outlined at How to use forum BBCODE code tags)

    what is output of these commands in ssh
    Code (Text):
    curl -I https://domain.com
    

    Code (Text):
    curl -I https://www.domain.com
    

    Code (Text):
    curl -I http://domain.com
    

    Code (Text):
    curl -I http://www.domain.com
    

    wrap output in CODE tags
     
  7. pheonis

    pheonis Member

    54
    3
    8
    Dec 21, 2018
    Ratings:
    +4
    Local Time:
    10:58 PM
    Ok here are the details:
    Content of demodomain.com.conf file :
    Code:
    # Centmin Mod Getting Started Guide
    # must read http://centminmod.com/getstarted.html
    
    # redirect from non-www to www
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
    #server {
    #            listen   80;
    #            server_name demodomain.com;
    #            return 301 $scheme://www.demodomain.com$request_uri;
    #       }
    
    server {
    
      server_name demodomain.com www.demodomain.com;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      #add_header X-Frame-Options SAMEORIGIN;
      add_header X-Xss-Protection "1; mode=block" always;
      add_header X-Content-Type-Options "nosniff" always;
      #add_header Referrer-Policy "strict-origin-when-cross-origin";
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/demodomain.com/log/access.log combined buffer=256k flush=5m;
      error_log /home/nginx/domains/demodomain.com/log/error.log;
    
      include /usr/local/nginx/conf/autoprotect/demodomain.com/autoprotect-demodomain.com.conf;
      root /home/nginx/domains/demodomain.com/public;
      # uncomment cloudflare.conf include if using cloudflare for
      # server and/or vhost site
      #include /usr/local/nginx/conf/cloudflare.conf;
      include /usr/local/nginx/conf/503include-main.conf;
    
      #include /usr/local/nginx/conf/wpincludes/demodomain.com/wpcacheenabler_demodomain.com.conf;
      #include /usr/local/nginx/conf/wpincludes/demodomain.com/wpsupercache_demodomain.com.conf;
      # https://community.centminmod.com/posts/18828/
      include /usr/local/nginx/conf/wpincludes/demodomain.com/rediscache_demodomain.com.conf;
    
      location / {
      include /usr/local/nginx/conf/503include-only.conf;
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # for wordpress super cache plugin
      #try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?q=$uri&$args;
    
      # for wp cache enabler plugin
      #try_files $cache_enabler_uri $uri $uri/ $custom_subdir/index.php?$args;
    
      # Wordpress Permalinks
      #try_files $uri $uri/ /index.php?q=$uri&$args;
    
      # Nginx level redis Wordpress
      # https://community.centminmod.com/posts/18828/
      try_files $uri $uri/ /index.php?$args;
    
      }
    
    location ~* /(wp-login\.php) {
        limit_req zone=xwplogin burst=1 nodelay;
        #limit_conn xwpconlimit 30;
        auth_basic "Private";
        auth_basic_user_file /home/nginx/domains/demodomain.com/htpasswd_wplogin;
        #include /usr/local/nginx/conf/php-wpsc.conf;
        # https://community.centminmod.com/posts/18828/
        include /usr/local/nginx/conf/php-rediscache.conf;
    }
    
    location ~* /(xmlrpc\.php) {
        limit_req zone=xwprpc burst=45 nodelay;
        #limit_conn xwpconlimit 30;
        #include /usr/local/nginx/conf/php-wpsc.conf;
        # https://community.centminmod.com/posts/18828/
        include /usr/local/nginx/conf/php-rediscache.conf;
    }
    
    location ~* /wp-admin/(load-scripts\.php) {
        limit_req zone=xwprpc burst=5 nodelay;
        #limit_conn xwpconlimit 30;
        #include /usr/local/nginx/conf/php-wpsc.conf;
        # https://community.centminmod.com/posts/18828/
        include /usr/local/nginx/conf/php-rediscache.conf;
    }
    
    location ~* /wp-admin/(load-styles\.php) {
        limit_req zone=xwprpc burst=5 nodelay;
        #limit_conn xwpconlimit 30;
        #include /usr/local/nginx/conf/php-wpsc.conf;
        # https://community.centminmod.com/posts/18828/
        include /usr/local/nginx/conf/php-rediscache.conf;
    }
    
      include /usr/local/nginx/conf/wpincludes/demodomain.com/wpsecure_demodomain.com.conf;
      #include /usr/local/nginx/conf/php-wpsc.conf;
    
      # https://community.centminmod.com/posts/18828/
      include /usr/local/nginx/conf/php-rediscache.conf;
      include /usr/local/nginx/conf/pre-staticfiles-local-demodomain.com.conf;
      include /usr/local/nginx/conf/pre-staticfiles-global.conf;
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
    
    Content of demodomain.com.ssl.conf
    Code:
    # Centmin Mod Getting Started Guide
    # must read http://centminmod.com/getstarted.html
    # For HTTP/2 SSL Setup
    # read http://centminmod.com/nginx_configure_https_ssl_spdy.html
    
    # redirect from www to non-www  forced SSL
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
    # server {
    #   server_name demodomain.com www.demodomain.com;
    #    return 302 https://$server_name$request_uri;
    # }
    
    server {
      listen 443 ssl http2;
      server_name demodomain.com www.demodomain.com;
    
      ssl_dhparam /usr/local/nginx/conf/ssl/demodomain.com/dhparam.pem;
      ssl_certificate      /usr/local/nginx/conf/ssl/demodomain.com/demodomain.com.crt;
      ssl_certificate_key  /usr/local/nginx/conf/ssl/demodomain.com/demodomain.com.key;
      include /usr/local/nginx/conf/ssl_include.conf;
    
      # cloudflare authenticated origin pull cert community.centminmod.com/threads/13847/
      #ssl_client_certificate /usr/local/nginx/conf/ssl/cloudflare/demodomain.com/origin.crt;
      #ssl_verify_client on;
      http2_max_field_size 16k;
      http2_max_header_size 32k;
      # mozilla recommended
      ssl_ciphers TLS13-AES-128-GCM-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
      ssl_prefer_server_ciphers   on;
      #add_header Alternate-Protocol  443:npn-spdy/3;
    
      # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
      #add_header X-Frame-Options SAMEORIGIN;
      add_header X-Xss-Protection "1; mode=block" always;
      add_header X-Content-Type-Options "nosniff" always;
      #add_header Referrer-Policy "strict-origin-when-cross-origin";
      #spdy_headers_comp 5;
      ssl_buffer_size 1369;
      ssl_session_tickets on;
    
      # enable ocsp stapling
      #resolver 8.8.8.8 8.8.4.4 valid=10m;
      #resolver_timeout 10s;
      #ssl_stapling on;
      #ssl_stapling_verify on;
      #ssl_trusted_certificate /usr/local/nginx/conf/ssl/demodomain.com/demodomain.com-trusted.crt;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/demodomain.com/log/access.log combined buffer=256k flush=5m;
      error_log /home/nginx/domains/demodomain.com/log/error.log;
    
      include /usr/local/nginx/conf/autoprotect/demodomain.com/autoprotect-demodomain.com.conf;
      root /home/nginx/domains/demodomain.com/public;
      # uncomment cloudflare.conf include if using cloudflare for
      # server and/or vhost site
      #include /usr/local/nginx/conf/cloudflare.conf;
      include /usr/local/nginx/conf/503include-main.conf;
    
      #include /usr/local/nginx/conf/wpincludes/demodomain.com/wpcacheenabler_demodomain.com.conf;
      #include /usr/local/nginx/conf/wpincludes/demodomain.com/wpsupercache_demodomain.com.conf;
      # https://community.centminmod.com/posts/18828/
      include /usr/local/nginx/conf/wpincludes/demodomain.com/rediscache_demodomain.com.conf;
    
      location / {
      include /usr/local/nginx/conf/503include-only.conf;
    
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # for wordpress super cache plugin
      #try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?q=$uri&$args;
    
      # for wp cache enabler plugin
      #try_files $cache_enabler_uri $uri $uri/ $custom_subdir/index.php?$args;
    
      # Wordpress Permalinks
      #try_files $uri $uri/ /index.php?q=$uri&$args;
    
      # Nginx level redis Wordpress
      # https://community.centminmod.com/posts/18828/
      try_files $uri $uri/ /index.php?$args;
    
      }
    
    location ~* /(wp-login\.php) {
        limit_req zone=xwplogin burst=1 nodelay;
        #limit_conn xwpconlimit 30;
        auth_basic "Private";
       # auth_basic_user_file /home/nginx/domains/demodomain.com/htpasswd_wplogin;
        #include /usr/local/nginx/conf/php-wpsc.conf;
    
        # https://community.centminmod.com/posts/18828/
        include /usr/local/nginx/conf/php-rediscache.conf;
    }
    
    location ~* /(xmlrpc\.php) {
        limit_req zone=xwprpc burst=45 nodelay;
        #limit_conn xwpconlimit 30;
        #include /usr/local/nginx/conf/php-wpsc.conf;
    
        # https://community.centminmod.com/posts/18828/
        include /usr/local/nginx/conf/php-rediscache.conf;
    }
    
    location ~* /wp-admin/(load-scripts\.php) {
        limit_req zone=xwprpc burst=5 nodelay;
        #limit_conn xwpconlimit 30;
        #include /usr/local/nginx/conf/php-wpsc.conf;
    
        # https://community.centminmod.com/posts/18828/
        include /usr/local/nginx/conf/php-rediscache.conf;
    }
    
    location ~* /wp-admin/(load-styles\.php) {
        limit_req zone=xwprpc burst=5 nodelay;
        #limit_conn xwpconlimit 30;
        #include /usr/local/nginx/conf/php-wpsc.conf;
    
        # https://community.centminmod.com/posts/18828/
        include /usr/local/nginx/conf/php-rediscache.conf;
    }
    
      include /usr/local/nginx/conf/wpincludes/demodomain.com/wpsecure_demodomain.com.conf;
      #include /usr/local/nginx/conf/php-wpsc.conf;
    
      # https://community.centminmod.com/posts/18828/
      include /usr/local/nginx/conf/php-rediscache.conf;
      include /usr/local/nginx/conf/pre-staticfiles-local-demodomain.com.conf;
      include /usr/local/nginx/conf/pre-staticfiles-global.conf;
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
    
    curl -I Website Domains Names & Hosting | Domain.com output

    Code:
    curl: (60) Peer's certificate issuer has been marked as not trusted by the user.
    More details here: http://curl.haxx.se/docs/sslcerts.html
    
    curl performs SSL certificate verification by default, using a "bundle"
     of Certificate Authority (CA) public keys (CA certs). If the default
     bundle file isn't adequate, you can specify an alternate file
     using the --cacert option.
    If this HTTPS server uses a certificate signed by a CA represented in
     the bundle, the certificate verification probably failed due to a
     problem with the certificate (it might be expired, or the name might
     not match the domain name in the URL).
    If you'd like to turn off curl's verification of the certificate, use
     the -k (or --insecure) option.
    You have new mail in /var/spool/mail/root
    curl -I Website Domains Names & Hosting | Domain.com Output
    Code:
    curl: (60) Peer's certificate issuer has been marked as not trusted by the user.
    More details here: http://curl.haxx.se/docs/sslcerts.html
    
    curl performs SSL certificate verification by default, using a "bundle"
     of Certificate Authority (CA) public keys (CA certs). If the default
     bundle file isn't adequate, you can specify an alternate file
     using the --cacert option.
    If this HTTPS server uses a certificate signed by a CA represented in
     the bundle, the certificate verification probably failed due to a
     problem with the certificate (it might be expired, or the name might
     not match the domain name in the URL).
    If you'd like to turn off curl's verification of the certificate, use
     the -k (or --insecure) option.
    
    curl -I Website Domains Names & Hosting | Domain.com Output
    ----------------------------------------
    Code:
    HTTP/1.1 200 OK
    Date: Fri, 18 Jan 2019 13:11:20 GMT
    Content-Type: text/html; charset=UTF-8
    Connection: keep-alive
    Vary: Accept-Encoding
    Link: <http://zepper.in/wp-json/>; rel="https://api.w.org/"
    Link: <http://zepper.in/>; rel=shortlink
    Server: nginx centminmod
    X-Powered-By: centminmod
    X-Cache: MISS
    X-Cache-2: BYPASS
    X-Xss-Protection: 1; mode=block
    X-Content-Type-Options: nosniff

    curl -I Website Domains Names & Hosting | Domain.com Output


    Code:
    HTTP/1.1 301 Moved Permanently
    Date: Fri, 18 Jan 2019 13:10:56 GMT
    Content-Type: text/html; charset=UTF-8
    Connection: keep-alive
    Location: http://zepper.in/
    Server: nginx centminmod
    X-Powered-By: centminmod
    X-Cache: MISS
    X-Cache-2: BYPASS
    X-Xss-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
     
  8. eva2000

    eva2000 Administrator Staff Member

    42,001
    9,473
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,577
    Local Time:
    3:28 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    is non-https version your main intended working wordpress url ?

    your non-https domain.com.conf has working http password protection on wp-login.php and thus /wp-admin
    Code (Text):
    location ~* /(wp-login\.php) {
       limit_req zone=xwplogin burst=1 nodelay;
       #limit_conn xwpconlimit 30;
       auth_basic "Private";
       auth_basic_user_file /home/nginx/domains/demodomain.com/htpasswd_wplogin;
       #include /usr/local/nginx/conf/php-wpsc.conf;
       # https://community.centminmod.com/posts/18828/
       include /usr/local/nginx/conf/php-rediscache.conf;
    }
    

    while https domain.com.ssl.conf has http password protection disabled partially commenting out auth_basic_user_file setting with hash # in front
    Code (Text):
    location ~* /(wp-login\.php) {
       limit_req zone=xwplogin burst=1 nodelay;
       #limit_conn xwpconlimit 30;
       auth_basic "Private";
       # auth_basic_user_file /home/nginx/domains/demodomain.com/htpasswd_wplogin;
       #include /usr/local/nginx/conf/php-wpsc.conf;
    
       # https://community.centminmod.com/posts/18828/
       include /usr/local/nginx/conf/php-rediscache.conf;
    }
    

    if you want to disable http password protection comment out both these lines
    Code (Text):
       auth_basic "Private";
       auth_basic_user_file /home/nginx/domains/demodomain.com/htpasswd_wplogin;
    

    like
    Code (Text):
       #auth_basic "Private";
       #auth_basic_user_file /home/nginx/domains/demodomain.com/htpasswd_wplogin;
    

    then restart nginx
     
  9. pheonis

    pheonis Member

    54
    3
    8
    Dec 21, 2018
    Ratings:
    +4
    Local Time:
    10:58 PM
    Thank you for the solution. It worked. Now i can login using http://
     
    • Like Like x 1