Wordpress permalinks unauthorized error in nginx

General
1

So i’m trying to run wordpress on LEMP. I did fix the permalinks by adding this

location / {
        try_files $uri $uri/ /index.php?$args;
}

But now i’m greeted with unauthorized error. More specifically -

A password is required to access this web server. Please try again.

My virtual server’s config file

server {
    server_name test.com www.test.com;
    listen x.x.x.x;
    listen 80;
    #return 301 https://$host$request_uri;

}


server {
    server_name test.com www.test.com;
    listen x.x.x.x;
    root /home/test/public_html;
    index index.php;

    access_log /var/log/virtualmin/test.com_access_log;
    error_log /var/log/virtualmin/test.com_error_log;
    fastcgi_param GATEWAY_INTERFACE CGI/1.1;
    fastcgi_param SERVER_SOFTWARE nginx;
    fastcgi_param QUERY_STRING $query_string;
    fastcgi_param REQUEST_METHOD $request_method;
    fastcgi_param CONTENT_TYPE $content_type;
    fastcgi_param CONTENT_LENGTH $content_length;
    fastcgi_param SCRIPT_FILENAME /home/test/public_html$fastcgi_script_name;
    fastcgi_param SCRIPT_NAME $fastcgi_script_name;
    fastcgi_param REQUEST_URI $request_uri;
    fastcgi_param DOCUMENT_URI $document_uri;
    fastcgi_param DOCUMENT_ROOT /home/test/public_html;
    fastcgi_param SERVER_PROTOCOL $server_protocol;
    fastcgi_param REMOTE_ADDR $remote_addr;
    fastcgi_param REMOTE_PORT $remote_port;
    fastcgi_param SERVER_ADDR $server_addr;
    fastcgi_param SERVER_PORT $server_port;
    fastcgi_param SERVER_NAME $server_name;
    fastcgi_param HTTPS $https;

    access_log /var/log/nginx/test.com.access.log;
    error_log /var/log/nginx/test.com.error.log;




    location = /favicon.ico {
        log_not_found off;
        access_log off;
    }

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
    # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
    location ~ /\. {
        deny all;
    }

    # Deny access to any files with a .php extension in the uploads directory
    # Works in sub-directory installs and also in multisite network
    # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
    location ~* /(?:uploads|files)/.*\.php$ {
        deny all;
    }


    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass unix:/var/php-nginx/156327396130368.sock/socket;
    }

    location / {

        auth_basic off;
        try_files $uri $uri/ /index.php?$args;

    }


    listen x.x.x.x:443 ssl;
    ssl_certificate /home/test/ssl.cert;
    ssl_certificate_key /home/test/ssl.key;
    fastcgi_read_timeout 60;
}

PS :- i’m using virtual min’s preview site feature

I tried adding auth_basic off to default as well as per site config. It just wouldn’t work

2

The issue you’re facing with the “A password is required to access this web server” error is likely due to the auth_basic directive in your Nginx configuration. While you have included auth_basic off; in certain sections of your configuration, it might not be taking effect properly due to one of the following reasons:

Potential Causes:

  1. Virtualmin’s Preview Site Feature:
    The preview feature might be injecting its own auth_basic directives to limit access, which overrides your configurations.
  2. Misconfigured auth_basic Directive:
    The auth_basic off; might not be applied at the appropriate level or might be overridden by higher-level configurations.
  3. Conflicting Nginx Configurations:
    Other configuration files in your Nginx setup (like default server blocks or global configuration files) might include auth_basic settings that are conflicting with your site’s settings.

Steps to Resolve the Issue:

1. Disable Basic Authentication in Virtualmin Preview Mode

Virtualmin’s preview feature sometimes enforces basic authentication to secure access to previewed sites. You can disable this by modifying the Virtualmin settings:

  • Navigate to Virtualmin > Server Configuration > Website Options.
  • Look for a setting like “Preview website” or “Enable authentication for preview” and disable it if possible.

Alternatively, use your site’s actual domain or IP address for testing instead of Virtualmin’s preview feature.

2. Apply auth_basic off; Globally

If the issue persists, you can try disabling auth_basic globally by editing the main Nginx configuration file. Open the file:

sudo nano /etc/nginx/nginx.conf

Add the following at the top-level http block:

http {
    auth_basic off;
    # Other global settings...
}

Save the file and reload Nginx:

sudo systemctl reload nginx

3. Validate Your Per-Site Configuration

Make sure the auth_basic directive is disabled in all locations in your site’s configuration. Update your server block to ensure there are no conflicts:

server {
    listen x.x.x.x;
    server_name test.com www.test.com;
    root /home/test/public_html;
    index index.php;

    # Disable authentication globally for this site
    auth_basic off;

    # Additional configurations
    location / {
        try_files $uri $uri/ /index.php?$args;
        auth_basic off;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass unix:/var/php-nginx/156327396130368.sock/socket;
        auth_basic off;
    }

    # SSL settings
    listen x.x.x.x:443 ssl;
    ssl_certificate /home/test/ssl.cert;
    ssl_certificate_key /home/test/ssl.key;
}

Reload the Nginx configuration:

sudo nginx -t && sudo systemctl reload nginx

4. Check Nginx Logs for Clues

Examine your Nginx logs to identify any other errors or directives being applied:

sudo tail -f /var/log/nginx/test.com.error.log
sudo tail -f /var/log/nginx/test.com.access.log

Look for entries related to 401 Unauthorized or basic authentication.

5. Test Without Virtualmin Preview

As a final test, access your site directly using its domain name (e.g., http://test.com or https://test.com) instead of the Virtualmin preview URL. The preview feature often introduces additional layers of configuration that can cause issues.

The unauthorized error is likely tied to the Virtualmin preview site feature or conflicting auth_basic settings. By disabling auth_basic globally or testing outside of the preview mode, you should resolve the issue. If the problem persists, verify that no other configurations (e.g., default server blocks or inherited settings) are interfering with your Nginx setup.