Password protect returns 404

Thanks for the response, Paul. I tried to copy the content into this thread, but it just kept disappearing, so I sent it to you another way. I know that the plugins Bulletproof Security and W3 Total Cache have done some updating to the file.

@cartpauj – kat123 is using the BPS plugin so the root .htaccess file is quite a bit of code.

@kat123 – Do these BPS troubleshooting steps to confirm or eliminate your root htaccess file/code as the cause of the issue.
1. Select the Deactivate Root Folder BulletProof Mode (Default Mode) Radio button on the Security Modes page.
2. Click the Activate|Deactivate button.

If the problem is still occurring then it is not being caused by your root htaccess file. If the problem is no longer occurring then have you added any additional Bonus Custom Code? The standard BPS code does/incorporates the standard WordPress rewrite code and nothing unusual in regards to rewriting or redirects.

Also activating BPS Default Mode is two fold for troubleshooting – ie you will be removing all BPS standard htaccess code and all W3TC caching htaccess code at the same time. So you will have a standard WordPress default htaccess file without any BPS or W3TC htaccess code in it.

@kat123 – I didn’t see any obvious issues in the .htaccess rules you sent over. Try @aitpro’s suggestions and let us know how it goes.

OK, tried that. I left it deactivated, but it’s still giving me the 404 error. Rats!

Well you eliminated some possibilities so that is always a good thing – ie one less thing to consider. ??

The htaccess redirect code I mentioned above should do the trick, but I am a firm believer in looking at the root cause of an issue… well in most cases unless that is a pain in the neck or you just want to do the “fix it now damn it” thing. ??

Do these steps to add the redirect code to BPS Custom Code.
1. Copy this redirect code:
RedirectMatch 301 ^wp-login\.php$ https://www.realestatemarketing.center/login/
to this BPS Root Custom Code text box: CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE: Add miscellaneous code here
2. Click the Save Root Custom Code button.
3. Go to the BPS Security Modes page, click the Create secure.htaccess File AutoMagic button, select the Activate Root Folder BulletProof Mode Radio button and click the Activate|Deactivate button.

Important Note: If you are using mod_rewrite in W3TC/W3TC htaccess code then make sure that you have aleady copied the W3TC htaccess code to this BPS Root Custom Code text box: CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE

hmm looking at the Source Code the URI has this Query String in it: ?action=postpass so that may be an issue in itself.

class="w-form protected-post-form" action="https://www.realestatemarketing.center/wp-login.php?action=postpass" method="post"><div

You may have to do a redirect that includes that Query String. Let me play around with this on a test site and see what is needed or what will actually work.

It is very possible that the Query String will be passed in the URI, but not 100% sure about that. ?? Will post back here in a bit after testing this.

I’m not sure where I am now. I might need to delete W3TC and BPS and start over. It’s still not working.

Here’s another thread:
https://www.ads-software.com/support/topic/password-protection-form-results-in-404-wp-loginphpactionpostpass?replies=1

I’ve asked my host to look into that. This is insane. I just want to protect a page or two without having to set up a membership for them.

Ok the Query String poses several complications and creating a redirect using Query String Append does not make me feel all warm and tingly – there are too many variables in the equation to say that this would be a reliable thing to do. Also if you have other pages that you want to password protect then you will end up having to create several custom rules for those – not practical or the smart approach so back to square one. I believe your best move is to contact the MemberPress folks about this issue.

Another possibility is to use the standard WordPress login page and not create a custom login page. ??

Many years ago we had a custom login page and it was a source of never ending problems. ?? We now use the default WordPress login page and have customized it visually. Makes me think of the old saying, “if it ain’t broke, then don’t fix it”. My point – if it was me I would use the default WordPress Login page – all problems solved. ??

Thanks again. Paul from Memberpress will be getting back to me, so hopefully he’ll have the silver bullet.

Another possibility is you keep the your custom login page /login/ and install this plugin Page Links To. Then add the URL to the default WordPress login page. Seems like a lot of extra work just to do what you should already be doing – using the default WordPress Login page. ??

Why reinvent a perfectly good wheel – the default WordPress login page – and instead customize it to look the way you want it to look. ??

I just thought of something really obvious. A lot of membership plugins and themes that I have tested in the past have their own option settings for password protecting pages. So I bet when you hear back from MemberPress they are going to point you to those option settings in MemberPress and probably tell you not to use the default WordPress Page/Post locking feature.