Fix WordPress REST API Authentication in APACHE/BITNAMI

/ AWS Lightsail Hosting, WordPress Tips & Tricks / By / apache, api, bitnami wordpress, rest api, woocommerce, wordpres

In this video I will show you how to fix API Authentication errors that you may be running into.

If your WordPress website is using the Bitnami Image on lightsail and uses a plugin or theme that requires APIs that need authorization or authentication, you may run into errors even though you may have everything setup correctly in your website.

REST APIs that need to be authorized typicaly use the Basic Authentication Authorization header information that is passed from your website to the API Endpoint. But if Apache is not configured to send that information then it may not work. Bitnamis WordPress image in Lightsail does not set this configuration by default.

In this video I will show you how to update the Apache configuration to allow authentication headers for your API.

 If you still experience API issues after this configuring this setting then there could be some other problems and I’ll link to some posts that may help troubleshoot if that is the case. So without further ado, let’s get started.

Steps:

  1. Open SSH to your server
  2. Open the HTTPD configuration file
    1. vi apps/wordpress/conf/httpd-app.conf
  3. Add following after the <directory> tag

CGIPassAuth on

<IfModule mod_setenvif>

  SetEnvIf Authorization “(.*)” HTTP_AUTHORIZATION=$1

</IfModule>

  1. Add this to the rewriterule as shown in the video
    1. E=HTTP_AUTHORIZATION:%{HTTP:Authorization}
  2. Restart Apache
    1. sudo /opt/bitnami/ctlscript.sh restart apache
  3. Ensure your website still loads.
  4. Test the API that was having issues.
  5. If the issue still exists, there could be other factors
    1. Check this post where they outline other fixes and solutions
    2. WordPress also has some documentation if you use the nginx webserver.

Other links for further troubleshooting

How to Fix Common WooCommerce REST API Issues – Robot Ninja

All authentication methods use “Authorization” header, which is unreliable · Issue #2512 · WP-API/WP-API (github.com)

Frequently Asked Questions | REST API Handbook | WordPress Developer Resources

All videos tutorials on the website as well as the YouTube channel aim to provide a simplified process for a specific scenario; there could be many different factors and unique use cases you may have. The tutorials may not cover every situation; so treat is as a starting point or learning concept to apply to your unique situations, and consider this inspiration but not prescription or explicit direction.

Other Webhosting Tutorials

Scroll to Top