Nginx – How to remove .htaccess and/or htpasswd from vultr wordpress installation

.htaccesshtpasswdnginx

I fired up a server on vultr and chose wordpress. It setup htpasswd on the admin login. How can I remove that?

Here is the only .htaccess file I can find:

# Only allow direct access to specific Web-available files.

# Apache 2.2
<IfModule !mod_authz_core.c>
        Order Deny,Allow
        Deny from all
</IfModule>

# Apache 2.4
<IfModule mod_authz_core.c>
        Require all denied
</IfModule>

# Akismet CSS and JS
<FilesMatch "^(form\.js|akismet\.js|akismet\.css)$">
        <IfModule !mod_authz_core.c>
                Allow from all
        </IfModule>

        <IfModule mod_authz_core.c>
                Require all granted
        </IfModule>
</FilesMatch>

# Akismet images
<FilesMatch "^logo-full-2x\.png$">
        <IfModule !mod_authz_core.c>
                Allow from all
        </IfModule>

        <IfModule mod_authz_core.c>
                Require all granted
        </IfModule>
</FilesMatch>

I found this too. Not sure if it is helpful:

vim default.conf 

    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
    #    include        fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
}

Best Answer

I found the culprits here:

/etc/nginx/conf.d/wordpress_http.conf and /etc/nginx/conf.d/wordpress_https.conf

I commented out these lines:

#               auth_basic "Restricted";
#               auth_basic_user_file /etc/nginx/htpasswd/wpadmin;
#
#               location ~* \.(htaccess|htpasswd) {
#                       deny all;
#               }
Related Topic