password protected directory – WP requires login twice

  • I have my root WP directory password protected, so users must login with user name and password to view my WP blog. However, for some reason the login info must be entered twice (I’ve checked this with several browsers on both Mac and PC). I’ve tried adding a slash at the end of the URL, and removing the “www” from the URL; no luck.

    I found another thread with this problem (https://www.ads-software.com/support/topic/48807), which suggested creating (in Control Panel) a redirect from ‘https://www……’ to ‘https://…’. I can do redirects with my CP, but not that specific kind (I’m unable to change the www part). I contacted support at my hoster, and they pointed out that if you enter the login info once, and then hit cancel (instead of entering it again) the page starts to load (in Safari it loaded without the CSS). So according to my hoster it was a WP issue, not an issue with htaccess or CP.

    If anyone has any thoughts on this, I’d appreciate hearing them. Thanks!

Viewing 3 replies - 1 through 3 (of 3 total)

  • Ok… well here’s the dill pickle.
    That first login… that’s to get into the directory in the first place. That’s the server doing that. No WP. So even after loging in there, WP still has no idea who the user is. This is why there is a second login. That would be actualy login into WP. Once logged into WP, the user should remain logged in on later visits (after entering the first login – since that’s controlled by the server again), provided they DO NOT use the “Logout” link in the admin screen. When you login to WP, it sets a cookie to remember you by. Clicking Logout, deletes the cookie.

    Now, if they are still required to login to WP after successfully loging in and they are NOT using the Logout link…. then I’m curious if maybe cookies cannot be set on protect directories. ???

    -tg

    Thread Starter jimtron

    (@jimtron)

    Thanks for the reply. This definitely happens even if I don’t use the logout link.

    I think what I’ll do is password protect the next directory up from my WP directory–I currently have it at: https://www.url.com/blog/, with the /blog/ directory protected. So I’ll just protect the home directory, because there’s nothing else at this particular site now anyway.

    Still, if anyone has more thoughts about this problem I’d love to hear them.

    If anybody’s still interested, try setting up a redirect with the trailing slash. (redirect from https://yoursite.com/protected_directory to https://yoursite.com/protected_directory/). Hope it helps.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘password protected directory – WP requires login twice’ is closed to new replies.