401 when new user changes password | WordPress.org

Resolved paulcobb
(@paulcobb)

8 years, 6 months ago

When a new user (created by admin) gets their link by email.
Click on link and create new password works fine.
Then following the login link to use this new password gets a
401
Authorization Required lockout.
After this has timed out the login works fine.
Why should this be happening?

Settings shown attached
http://ibin.co/2HRYMiyGqQBL

https://wordpress.org/plugins/wordfence/

Viewing 1 replies (of 1 total)

Plugin Author WFMattR
(@wfmattr)

8 years, 6 months ago

Do you have your wp-admin folder password protected, either with .htaccess / .htpasswd files or another security plugin?

I haven’t seen one that times out after a while like that, but I don’t think Wordfence is causing it — I don’t think we have any features that give a “401” response.

If you do have other security plugins, you could try disabling them temporarily, and creating a test user and setting the password, to see if the issue still occurs. (You might not want to try it from your own computer, in case you would get locked out, of course.)

There also could be a problem if your host has mod_security rules that are set up incorrectly, or some other blocking on their end. If you give them the day and time when someone was locked out, they may be able to help track down the issue, if so.

-Matt R

Viewing 1 replies (of 1 total)

The topic ‘401 when new user changes password’ is closed to new replies.

In: Plugins
1 reply
2 participants
Last reply from: WFMattR
Last activity: 8 years, 6 months ago
Status: resolved