My sites were recently moved from an old server to a new one. Everything seemed to be working properly until I logged into a site on Tuesday and WordPress’s admin pages were not working properly.
I use the AskApache Password Protect plugin to build .htaccess files to prevent certain types of attacks. Removing the .htaccess files allowed the site to function normally, but (obviously) isn’t desirable.
I have tried a few things, but the basics right now are that I have put in a very simple .htaccess that is intended to prompt for authorization to get to the wp-admin pages. Instead of being prompted however, I get a WordPress 404 page. The .htaccess content is (with appropriate name changes to protect the site’s identity for now):
AuthName " Secure Area"