WordPress site health reports “authorization header is missing” on Bitnami WordPress

If you are using AWS Lightsail or running a Bitnami instance somewhere else for WordPress and want to use the REST API chances are you will have issues. In my case it manifested in not being able to authenticate even though I knew the credentials were correct. Then thanks to some help from the Gravity Forms support team I was pointed to check the Tools->Site Health section and there found a “security issue” that said “authorization header is missing”. After Googling around a lot I found very little till I came across an article on the Bitnami community form. It seems that mvenkadesan figured out a fix, but didn’t give much detail how to do it. So of course I shot down the rabbit hole to figure it out. The HTTPD conf files for Bitnami are fairly well nested and so I wanted to make sure I only applied the fix to the WordPress site and not PhpMyAdmin or some of the others. The file you are looking to edit is:

sudo nano /opt/bitnami/apps/wordpress/conf/httpd-app.conf

From here you will want to add the following on line 4

# Get rid of the Site Health message on missing authorization header
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

Your aren’t home free just yet. The last thing you will need to do is restart the apache service. I prefer to do this with the Bitnami specific script

sudo /opt/bitnami/ctlscript.sh restart

At this point you should be able to just restart and go from there.

3 thoughts on “WordPress site health reports “authorization header is missing” on Bitnami WordPress”

  1. Pingback: Amazon Lightsailでのホスティングへ移行 – Hirolog

    1. Yes, generally speaking you can just ignore this, however if you are using an API you may find that you can’t access the API from an external source. In my case I ran into this when I went to use the Gravity Forms API with Zappier for a client.

Leave a Reply