How to keep WordPress from stripping authorization headers?

Hardware: Old laptop or computer
YunoHost version:
I have access to my server : Through SSH and webadmin. I also have direct access to the server if needed.
Are you in a special context or did you perform some particular tweaking on your Yuno
Host instance ?
: no
Wordpress version: 5.4.1

Description of my issue

I want to use the IndieAuth WordPress plugin to use my WordPress site as an IndieAuth endpoint for authentication. I have installed and activated the plugin, but when I go to the plugin page, I get this error message:

Authorization has Failed

The authorization header was not returned on this test, which means that your server may be stripping the Authorization header. This is needed for IndieAuth to work correctly.

If you are on Apache, try adding this line to your .htaccess file:

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

If that doesnt work, try this:

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

If that does not work either, you may need to ask your hosting provider to reconfigure to allow the Authorization header to be passed. If they refuse, you can pass it through Apache with an alternate name. The plugin searches for the header in REDIRECT_HTTP_AUTHORIZATION, as some FastCGI implementations store the header in this location.

This appears to be an issue with the server setup, which is why I’m asking here instead of on the plugin page.

How do I reconfigure my WordPress setup on YunoHost so that the Authorization header is not stripped?

Thank you for any help.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.