Fixing Laravel Basic Auth Failure

Today, as I deployed my Laravel application, I received an email from my client mentioning that the basic authentication wasn’t working on the production server. I tested promptly and indeed it wasn’t. This was really strange for me as locally all was well. I got stuck at the problem for quite sometime. Searching on Google made me realize that a lot of people have been facing the same conundrum. But finally as usual, I found out the solution not too late.


The problem is not in Laravel, but with PHP. Apparently, HTTP authentication won’t work if PHP is executed with a CGI application instead of being executed in a server module like Apache’s mod_php. In simpler yet technical terms, since I’m using PHP-FPM (a fast FastCGI process manager), the required PHP_AUTH_USER and PHP_AUTH_PW parameters are not included in the $_SERVER data.

What's the one thing every developer wants? More screens! Enhance your coding experience with an external monitor to increase screen real estate.

Thankfully, with the help of the content here I was able to solve the problem.

First Step

I added this piece of configuration line to my .htaccess file:

SetEnvIfNoCase Authorization "Basic ([a-z0-9=]+)" REMOTE_AUTHORIZATION=$1

Second Step

Added this piece of code in bootstrap/start.php (at the beginning):

  list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', $d);

Could possibly also put that inside public/index.php.


Overall some people might consider this process as an ugly hack, but thankfully if the basic auth in your Laravel app doesn’t work then it’ll start working as normal!

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download

Author: Rishabh

Rishabh is a full stack web and mobile developer from India. Follow me on Twitter.

13 thoughts on “Fixing Laravel Basic Auth Failure”

  1. Thanks for posting this!
    This solved my problem, and otherwise I would have continued banging my head on my desk for a long, long time.



  2. Hi Rishabh I tried your solution but still didn’t work for me.

    Can you please tell the exact locations that I need to add these codes on.

    Like where in .htacess and index.php or start.php


  3. Rishabh man you are awesome. 🙂 It worked for me.

    Maybe you can also add this to your tutorial that where should one add those lines. But you really saved my life.

  4. Hello, i have a site made with laravel 4.2.17 that recently was moved into a shared hosting with fastcgi, i tried with this solution but was unable to make it work, maybe i am doing something wrong with the .htacess file, i also tried adding the corresponding lines on bootstrap/start and index.php without success.

    This is my .htaccess:

    Options -MultiViews

    RewriteEngine On

    # Redirect Trailing Slashes…
    RewriteRule ^(.*)/$ /$1 [L,R=301]

    # Handle Front Controller…
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]

    SetEnvIfNoCase Authorization “Basic ([a-z0-9=]+)” REMOTE_AUTHORIZATION=$1


    Any help would be appreciated.

Leave a Reply

Your email address will not be published. Required fields are marked *