How to Fix 401 Error in WordPress

401 errors indicate that you are not authorized to view or reach the page. It’s a common WordPress error that could even appear on your own website.

While 401 errors can occur due to issues like incorrect URL, DNS cache, plugin conflicts, and more, the solution is often straightforward.

You can resolve this by flushing your DNS record, cleaning your browser and firewall cache, deactivating plugins, and more. 

Find out how to fix 401 error in WordPress with us. We’ve included eight tested methods. Have a look:

1. Enter the Right URL or Authentication Credentials

The initial step to address a 401 error in WordPress is to ensure the correctness of the URL or authentication credentials. Entering the wrong URL or invalid credentials may cause this error to occur.

Whenever such an error occurs, double-check the URL for typos, then verify your login credentials. Mistakes in typing both the URL and authentication details are common and can lead to authentication failures.

2. Clear Browser Cache and Cookies

Encountering a 401 error message in WordPress even after verifying your login details? While it’s not always the solution, clearing your browser cache and cookies might fix the issue.

Your browser stores information from websites you visit to speed up loading times. However, stored information can become outdated and interfere with new login attempts, potentially leading to 401 errors.

You can clear caches in different browsers by following these steps:

• Google Chrome: Settings > Privacy and security > Clear browsing data
• Mozilla Firefox: Options > Privacy & Security > Clear Data
• Microsoft Edge: Settings > Privacy, search, and services > Clear browsing data
• Safari: Preferences > Privacy > Manage Website Data

Note: Make sure you always choose “all time” when clearing outdated browser cache.

3. Flush Your DNS Records

Outdated website address information (DNS) can lead to 401 errors, even after entering valid credentials. DNS transforms website names into IP addresses that computers use to connect with websites.

Your PC will temporarily store data when you frequently access the same IP address and URL, which often become outdated. Flushing your DNS clears all this temporary data and allows you to re-authenticate.

Flushing Windows and MacOS DNS servers is super easy, and for that, you can follow the instructions below:

• Windows: 

1. Use the search bar and search for “Command Prompt.
2. Inside command prompt, type “ipconfig/flushdns” 
3. Press enter button and you’ll see “Successfully flushed the DNS Resolver Cache”

• MacOS: 

1. Open Terminal (located in Applications > Utilities).
2. Input sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder and press Enter.
3. Put in your administrator password when prompted.

Note: You may need to wait some time for the changes to take effect. If the error still persists, explore the other solutions provided.

4. Clear Your Firewall Cache

A cloud-based WordPress firewall is a security solution designed to provide real-time protection, DDoS mitigation, and more. Similar to browser caches, firewall caches can get old over time, causing communication issues between your browser and WordPress.

In the event that you encounter a 401 error while using a firewall protection solution for your site, you might need to clear your cache.  To clear the firewall cache, follow these simple steps:

• Log in to your firewall control panel.
• Go to the configuration or settings section.
• Search for options related to “cache,” “clearing data,” or similar.
• To clear the cache, follow the provided instructions. Don’t delete any data unless it’s absolutely necessary.
• Save your changes.

Note:  Instructions will vary based on your firewall you’re using for your website. 

5. Deactivate WordPress Plugin

Plugin conflicts, while not the most common reason, can sometimes cause your browser to fail to communicate with WordPress. Consequently, this can lead to 401 errors, among other issues.

Although you cannot directly determine which plugin is causing the problem, security plugins are often the main culprits. Therefore, try deactivating the suspected plugin. 

To do this, navigate to the WordPress dashboard > Plugins, and then deactivate the plugin.

In the worst-case scenario, you will have to use the FTP client or cPanel if you do not have access to your WordPress dashboard. Check out the steps below for a detailed guide:

• Access your website’s files through your cPanel’s File Manager or an FTP client.
• Locate the “wp-content” then “plugins” folder within your WordPress directory.
• Rename the folder of the suspected plugin (e.g., “plugin-name” to “plugin-name-deactivated”).

Try to authenticate the problematic part and if you do not experience a 401 error, you have found the black sheep. Now either look for alternatives to this plugin or contact the support team for further assistance. 

Note: Take a backup before making changes or perform deactivation activities in a staging environment. 

6. Temporarily Disable Server-level Password Protection

Sometimes, adding password protection to WordPress directories can enhance security. However, forgetting the password may trigger a 401 error, making it necessary to disable this protection temporarily.

Password protection doesn’t offer any recovery process, which means you must have to go for disabling it. You can do it by accessing your WordPress root directory or taking help from the hosting provider’s control panel.

Use the control panel for the easiest method. Follow the below steps to disable password protection: 

• Log in to your hosting provider’s control panel and access the file manager.
• Locate the password-protected directory.
• Inside the directory, find and open the .htaccess file.
• Select and remove the .htaccess file.
• Additionally, look for and delete .htpasswd file.

Once you’re done making the above-provided changes, try to re-access your site to see if the error still persists or not. 

Note: It’s essential to create backups of the ‘’.htaccess’’ and ‘’.htpasswd’’ files before deleting them, as you may need them in the future.

7. Switch to a Default WordPress Theme

Switching to the default WordPress theme might not initially seem like an obvious solution, but it can effectively resolve a 401 error. Sometimes, the theme currently in use on your WordPress site might be causing 401 error.

Therefore, simply switch to the default theme (Twenty Twenty-Three, Twenty Twenty-Two), and you can do so by following this path: 

WordPress Dashboard > Appearance > Themes 

However, if you’re facing a 401 error in the WordPress admin area and can’t access the dashboard, try your hosting provider’s control panel or FTP client. Take a look at the instructions provided below:

• Use FTP or your host’s cPanel File Manager to access your website’s files.
• Locate the “themes” folder within your WordPress directory. 
• Find the folder in which your current theme is stored.
• Rename the active theme folder, e.g., “my-theme.deactivate.” ( This will deactivate the theme.)
• Identify the folder that contains the default theme, e.g., “twenty-twenty-three.”.
• Remove “.bak” or any deactivation suffix from the default theme folder (e.g., “twentytwentythree.bak” to “twentytwentythree”).

This will activate the default theme and fix unauthorized access-related issues if your theme is the troublemaker.

8. Contact Your WordPress Hosting Provider

Finally, if none of the solutions provided above alleviate the 401 error, it’s advisable to contact your hosting provider. Some hosting companies utilize automatic detection systems for suspicious activity, which will likely cause authentication issues.

Reaching out to your hosting provider will allow you to take advantage of their expertise and advanced diagnostic tools. Each hosting provider has unique insights into server configurations, which allows them to swiftly identify and rectify issues.

How to Prevent 401 Error Code on WordPress [Expert Advice]

So far, you’ve learned how to fix 401 error in WordPress, but it’s great to have knowledge about how to prevent it in the future. As part of this section, we’ve listed some of the tips that WordPress users should know to minimize authentication issues:

• Choose Reliable Web Hosting: Having a feature-rich and secure hosting service is indeed a blessing. Robust security measures will mitigate unauthorized access attempts, which may trigger 401 errors.
• Use Strong Authentication Methods: Implementing strong authentication methods such as using strong passwords, two-factor authentication, and limiting login attempts can decrease the likelihood of experiencing 401 errors.
• Regularly Update WordPress and Plugins: Never use outdated plugins or themes, as developers often release updates to patch security vulnerabilities. Using outdated WordPress themes and plugins increases the risk of unauthorized access to your site.
• Optimize Server Configuration: Configuring server settings, like file permissions, enabling secure protocols like HTTPS, and configuring firewalls to block unauthorized access, is key. Improper server configuration can sometimes contribute to 401 errors.
• Manage User Permissions: To prevent unauthorized access and potential 401 errors, review and manage user permissions regularly.

Closing Thoughts

Congratulations! You’ve learned how to fix 401 error in WordPress.

Our included 8 steps are intended to fix 401 issues like 401 Unauthorized, Access Denied, Authorization Required, HTTP Error 401 Unauthorized, etc. All these are variants of the 401 error in WordPress.

Start by inputting valid credentials to switch to the default theme. And if none of the troubleshooting methods really help, seek assistance from your hosting provider.