What this problem is
You receive a 401 Unauthorized when accessing wp-admin or performing actions like saving, uploading, or editing.
Why it happens
- Basic Auth enabled on the site or admin
- Security/WAF rules block REST or admin-ajax calls
- Cookie/session issues
Prerequisites
- Hosting panel access and/or FTP
Diagnosis
Check the response headers to confirm if Basic Auth is involved. Try in incognito to rule out cookies.
Detailed steps
Step 1) Clear cookies and cache for the domain
Retest login and the failing action.
Step 2) Check Basic Auth (.htpasswd)
Look for password protection applied to wp-admin or the entire site and remove it if not needed.
Step 3) Review WAF/security plugin blocks
Allow REST API endpoints if the builder/editor needs them.
Expected results
- 401 errors stop and admin actions work again
What to do if it fails
- Ask hosting support to identify which authentication rule is returning 401
Best practices
- Use 2FA and strong passwords instead of permanent Basic Auth on production unless required