The entire web works based on the communication protocol between the browser and the web server. You may see different types of HTTP errors codes on the browser when something goes wrong. The 4xx HTTP error or status code indicates that the browser sent wrong detail to server. Web servers will return 401 code when they can’t process the request due to wrong authentication.
Related: Fix 400 bad request HTTP error.
How to Fix 401 Unauthorized Request HTTP Error?
This issue is more common on websites that offers membership login and special content on subscription basis. Though most cases are due to wrong login, on certain occasions, 401 Unauthorized Request error can happen even if you have a valid credential to login. In this case, web server might not have received your login details due to problem at browser side and return 401 error.
If you are seeing 401 error then follow these steps to resolve error. Most of the solutions are fairly easy to fix. We have also grouped the possible fixes for normal users and website owners separately. You can try out the applicable case for you.
For Normal Users
1. Check URL
It’s the most common cause for 401 Unauthorized Request error. It could happen when you enter the URL manually. In other case, you may click an outdated URL bookmarked on your browser. The error may appear if the page is no longer exists. So, check the URL and make sure there are no spelling mistakes and webpage is still available.
Related: Fix 404 page not found HTTP error.
2. Flush DNS
In some cases, DNS errors could also cause 401 Unauthorized Request error. You can fix the error by flushing the DNS.
Follow the instructions on Windows:
- Make sure that you run the computer as an administrator.
- Type in CMD in the search field and hit enter to open the Command Prompt.
- In the command interface, type in ipconfig /flushdns and press enter.
If you use macOS, flushing DNS is a bit different.
- Press “Command + Spacebar” to open Spotlight search.
- Type “terminal” and open Terminal app.
- On the command line interface type in sudo killall -HUP mDNSResponder
3. Clear Browser Cookies
Cookies are snippet of information that is used by websites to remember your unique personal information. In many cases, cookies also store user’s authentication information and remind web server about the level of authorization that can be granted to the user. Unfortunately, this doesn’t always work smoothly and improper server authentication could happen. The 401 error can happen if the web server can’t recognize session token sent by your web browser. When the server thinks that your token is invalid, then you may get the 401 Unauthorized Request error.
It’s much easier to clear all cookies completely or only for specific websites. When you clear cookies, it will cause you to re-enter login information for email, social media and other websites that require you to log in. Once the cache is cleared, try to log into the website and check whether you can get full access this time without any problem.
4. Check Your Access Permissions
The 401 error can happen due to improper login or permission. For example, a link may be reserved only for members and you will get 401 Unauthorized Request error when you click on it. In this case, you may need to contact the site owner to get proper access.
In other cases, you might be entering invalid credentials to login to the website. If you know the credentials are correct, then clear your cookies and flush the DNS as explained in the above sections. Now try again to login to the site.
If you have really forgotten the password, find a link to reset your password on the site. Generally, the website will ask you for the email address that you used to create the account in the past. In some cases, a wrong authentication requirement is mistakenly enabled and the website becomes inaccessible to users who are logged in. This problem can only be remedied by the website administrator.
5. Logout and Login Again
Most websites need a regular downtime for maintenance purpose. There are also possibilities that the website owner may be doing some changes at the backend causing temporary problems. When you face issues with your login status, logout and login again. In many cases, the website could work properly again.
For Website Owners
6. Rollback to Previous CMS Version
Most of the content management systems get fairly regular updates. Sometimes, a minor update introduces new bugs accidentally, including the unexplained appearance of 401 Unauthorized Request error. If your users are reporting this issue after a recent CMS update, then you should consider rolling back to previous version.
Unfortunately, some CMS don’t allow you to rollback. In such case you may need to get formal support from the service provider.
7. Uninstall Your Changes
Some content management systems like WordPress offers plugins, themes, modules, widgets and extensions. It is very versatile that you can use these features to add new functionality and change the visual appearance. Unfortunately, some plugins, themes, modules, widgets and extensions are poorly maintained. Some extensions could also result in making more changes than necessary.
When you see 401 error after any update, first thing you can do is to delete the latest updated plugin and check the result. It should be worth noting that the problem may not be immediately resolved after you remove or downgrade the plugin. This could happen if the plugin modified data in the backend database or PHP files. So, after you remove the plugin, any change to the database or PHP files may not be reverted. In such case, you may need to revert back the content to previously working version from your backup.
In many cases, 401 Unauthorized Request error happens when you try to login with wrong credentials. Some websites like banking sites may lock your account if you attempt multiple times with wrong password. So ensure to you correct login details otherwise approach the website’s support to resolve your case. On other hand, if you are the website owner then try to revert back your previous activities to restore the site access.