.htacces Folder Protection asking again and again due to CF cache

i am protecting the websites Wordpress /wp-admin folder with a htacces password protection set up through my hosts server admin panel. I also set up the Cloudflare DNS and Cache (set to “Standard”). Unfortunately the htaccess protection username and pw modal is asking again and again. Without cache it works as expected.

Any idea how to resolve this issue?

May I ask you to check what option have you got selected under the Browser Cache TTL at Cloudflare dashboard for your domain name? :thinking:

You could check this by navigating to the Caching → Configuration
→ I’d suggest you to set it (if already not) to “Respect Existing Headers”

Similar topic:

Furthermore, I’d not suggest you to protect “wp-admin” with a password as far as some plugins, including WordPress core uses some of the resources like JS or CSS files on themes, JSON, REST API, etc.

Therefore, you’d be asking for “username & password” each of your visitor.

There are much better ways to protect your WordPress admin dashboard / WordPress login using Cloudflare, if so.

If interested, I am sharing my post here which contains a lot of useful information about this topics:

I’d suggest you to take a look at Cloudflare Access / Zero Trust to protect your WP Login :wink:


Thx for the reply. The settings are already the same as you suggest. So im checking it again.
What if i protect the folder with a Cloudflare firewall rule - blocking all IP except mine instead of the htaccess pw protection? this should work or not?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.