wordpress login.php redirects to weird places after site was hacked - wordpress

I am trying to de-hack my wordpress blog, and get it working again. I managed to get the homepage (without a theme). When I try to login into the site (to get my admin access), I see that it redirects to a new url that has nothing to do with my site.
so for example I manage to get to the login page directly:
www.mydomain.com/blog/login.php
but when I put my username and password and press the login button I am redirected to:
old.mydomain.bob/login.php
which doesn't exist (obviously)
I am working on wordpress 4.0.10, and try to understand what has happened and how to fix it. eventually, I might reinstall and hope that the database will be fine - but still. try to find what's going on.

Related

Recaptcha blocks access to my WordPress editor

I tried to install reCAPTCHA v3 on my wordpress website, now I’m unable to login to the Wordpress editor to edit the site. Every time I try to log in, it displays an error: Invalid site key.
I tried to remove the domain and the site and secret keys from the reCAPTCHA admin page but the login problem is still there.
I believe I put some code in wordpress... but not sure what and where, maybe it was [recaptcha] in the Contact Form 7 5.1 but I'm not sure (I'm not a developer).
Log into your Cpanel or FTP.
Look for the directory /public_html/wp-content/plugins and rename the reCAPTCHA plugin folder.
For example rename "uber-norecaptcha" to "uber-norecaptcha123". Refresh your WP-admin url. Now you can log in. Don't forget to rename the reCaptcha to it original, then you can deactivate it when you're logged in.
You could try to disable the plugin that added the reCAPTCHA (in this case, Contact Form 7), so you can login again. Then, you can re-enable it and set your site and secret keys properly.
Since you are unable to login, you can't disable the plugin from the WordPress dashboard. Instead you can temporarily move the plugin folder to another location. Navigate to the folder of your WordPress installation → wp-content → plugins and move the contact-form-7 folder.
Just experienced a similar problem, and it persisted for 3 months.
But, finally, I found the solution and resolved it.
In my case, I went to public_html/wp-content/plugins/wpforo/wpforo.php (I don't know exactly if you have forum installed or not, but forum was causing my login page to inherit login recaptcha without any valid keys).
public function init_hook(){
//reCAPTCHA on wp-login.php page
//$this->api->init_wp_recaptcha();
}
This function was calling a recaptcha with invalid keys. All I did was comment out:
$this->api->init_wp_recaptcha()
Another solution to the problem is :
Visit your login page, right click and enter the Inspect section. Search for anything that uses wp-login.php in "script" tags. You'll find the plugin that is causing the problem. Search for multiple results and deduce a conclusion. That's what I did.

My home page automatically redirects to the user page

I installed the Ultimate Member plugin in my wordpress site and I created all the needed pages (register, login...). On my side, it seems to work fine, but one of the site's users is redirected to his profil when he try to access the home page. However, the home page is not linked to any UM behaviour.
We tried to clear cookies and cache but nothing changes, and I don't see where the problem can come from.
seems like you have to set the Default Start Site in the Customizer, maybe this helps with your problem. Otherwise please check if the Link in your Menu is correct and refers to your Homepage.Customizer Start Site

Links in WordPress working only when I am logged as admin

After migrating website from localhost I have one problem. The links are not working. When I click on any link it is still redirecting to homepage. But when I am logged as admin its working fine. I've never encountered this problem before.
I am wondering if it can be some problem with DB or with .httaccess but not sure. I also changed both links in WP_options table in DB to the right one.
Debugging on localhost was working perfectly (also like guest and admin)
Its really weird that its not happening when I am logged as admin.
What am I missing?

wp-admin redirects to another page after automatic wordpress upgrade

Whenever I try to log into my wordpress site using mysite.com/wp-admin it redirects me to mysite.com/auto-login and giving a 404 error. It is happening with mysite.com/wp-login.php page as well. After go through my email i came to know that worpdress was upgraded automatically to 4.4.6. That means the problem started after the upgrade. Before that I could log into the site using wp-admin or login.php page without any problem.
Let me tell you what I did so far to solve it.
Edited the .htaccess file with the default code from wordpress.org site. Problem remained.
After that I deleted the file and uploaded a new one.
Did both through cpanel, but all in vain.
Update: I disabled my plugins one by one and found a faulty one. wp-admin or wp-login.php is now taking me to login page. But now the problem is it keeps redirecting to this same login page every time I enter my user name and password.
(Posted on behalf of the OP).
I have solved it. Let me tell you how.
I disabled my theme by renaming the folder.
I had no other theme in my directory so I uploaded twentysixteen theme.
I tried to login and It gave me a wrong password error which was weird because I did not change anything.
So I went through my phpMyAdmin and found that my password was changed I don't know how. Anyway I changed that and came back to login.
And voila! WordPress let me in!
Then I changed the theme to my previous real one and everything is OK now.

woocommerce_my_account stopped working after moving to another hosting provider

I recently moved my site built in Word Press to another hosting provider and I found the shortcode [woocommerce_my_account] is not working anymore.
Previously, I had a page called account login where I had the shortcode [woocommerce_my_account]. In the settings I set the landing page to be the same page (account login). so, after an user logged in, it was redirected to the same page showing his/her details.
However, in the new hosting provider this is no longer working. After I put the login information and attempt to login it is taking me to wp-login.php page and ask me to enter my login details again.
The URL path that I see in the browser after attempting to login is similar to this <site_name_url>/wp-login.php?redirect_to=http://<site_name_url>/account-login/
Anybody has got to the bottom of this issue? Thank you.
Try adding this to your wp-config.php:
define('WP_HOME','http://example.com');
define('WP_SITEURL','http://example.com');
Make sure you change http://example.com with your own domaine. You can also try to search and replace your domaine in the database if it has changed.
You can also try to clear browser cache and cookies. I had an issue like this before, launched a private navigation and it was working fine.
Try setting define(‘WP_DEBUG’, true);, you may see something going on.
Sometimes, php version makes a difference, try to set the same php version on you new host (google the name of your hosting provider + change php version).
When you move sites/restore databases you often need to save the permalinks again.
go to /wp-admin/options-permalink.php and click "save". This will setup your .htaccess file with the correct information for redirects.
Finally, after all of these days searching and trying different things, the answer for this issue in my case was not related with the Word Press installation itself but, with some software installed on the server called varnish, apparently used to cache the site and improve its performance.
After having a support chat with the hosting provider, they mentioned that varnish is breaking the woocommerce plugin.
At this point, I am not sure if varnish is not compatible with woocommerce or the settings applied on the server using this software make woocommerce not to work properly.

Resources