Cannot log into wordpress site - wordpress

Just recently discovered that neither my client or I can login to our Wordpress website. Here are the details:
Plugins: Contact Form 7, Envira Gallery Lite, Fusion Core (part of avada theme), Updraft Plus, Wordpress SEO, WP Retina 2x, WP Updates Notifier, Login Security Solution, Sucuri Scanner
Initially, the login page was requesting a password reset which is typical if too many false attempts have been made from a single user (part of Login Security Solution) plugin.
We tried to reset via the link in the email sent by wordpress. The new password generated is "invalid" when we try to login after the reset.
I FTP-ed in and changed functions.php to force a password reset. When I login with the new password, the login screen appears to be accepting the password, but rather than loading the dashboard, it loads the login screen again. Our Sucuri plugin emails an alert that the login was successful (which of course, it was not).
Next, I changed the name of all the plugin folders to make sure it wasn't a plugin causing the trouble. Same result.
Then, I looked at my htaccess file. It was overwritten with:
Files *.php deny from all /Files
I restore the htaccess file to it's original code. Still same login behavior.
I look through the rest of the site for other htaccess files. I change the names of htaccess files in the following places in order to disable them:
wp-content
wp-content/uploads
wp-content/uploads/sucuri
wp-includes
Still same login behavior.
Not sure what to try next. Not sure what triggered the problem. I was able to login on 12/22. My odd htaccess file had a modification date of 12/7. Client tried to login on 1/3 and was unable.
Any help would be greatly appreciated!!

Related

Recaptcha blocks access to my WordPress editor

I tried to install reCAPTCHA v3 on my wordpress website, now I’m unable to login to the Wordpress editor to edit the site. Every time I try to log in, it displays an error: Invalid site key.
I tried to remove the domain and the site and secret keys from the reCAPTCHA admin page but the login problem is still there.
I believe I put some code in wordpress... but not sure what and where, maybe it was [recaptcha] in the Contact Form 7 5.1 but I'm not sure (I'm not a developer).
Log into your Cpanel or FTP.
Look for the directory /public_html/wp-content/plugins and rename the reCAPTCHA plugin folder.
For example rename "uber-norecaptcha" to "uber-norecaptcha123". Refresh your WP-admin url. Now you can log in. Don't forget to rename the reCaptcha to it original, then you can deactivate it when you're logged in.
You could try to disable the plugin that added the reCAPTCHA (in this case, Contact Form 7), so you can login again. Then, you can re-enable it and set your site and secret keys properly.
Since you are unable to login, you can't disable the plugin from the WordPress dashboard. Instead you can temporarily move the plugin folder to another location. Navigate to the folder of your WordPress installation → wp-content → plugins and move the contact-form-7 folder.
Just experienced a similar problem, and it persisted for 3 months.
But, finally, I found the solution and resolved it.
In my case, I went to public_html/wp-content/plugins/wpforo/wpforo.php (I don't know exactly if you have forum installed or not, but forum was causing my login page to inherit login recaptcha without any valid keys).
public function init_hook(){
//reCAPTCHA on wp-login.php page
//$this->api->init_wp_recaptcha();
}
This function was calling a recaptcha with invalid keys. All I did was comment out:
$this->api->init_wp_recaptcha()
Another solution to the problem is :
Visit your login page, right click and enter the Inspect section. Search for anything that uses wp-login.php in "script" tags. You'll find the plugin that is causing the problem. Search for multiple results and deduce a conclusion. That's what I did.

wordpress admin (wp-admin) can not access

I have upload my wordpress website on live server and front end is loading perfectly fine.
While i login to my admin by http://www.my-site.com/wp-admin it not loading login page and display error like, redirected you too many times.
I can load login page by below URL,
http://www.my-site.com/wp-login.php
and can load login form, but after proving credential it can not redirecting me to dashboard and again display same error like,redirected you too many times.
I have done all available solution like,
1) check site url in wp_option table : its proper
2) delete .htaccess file from root and upload fresh
3) disable plugins and check and enable agian but not working.
Can anyone help me what is wrong in my case and how to enable wp-admin and can access admin?

wp-admin redirects to another page after automatic wordpress upgrade

Whenever I try to log into my wordpress site using mysite.com/wp-admin it redirects me to mysite.com/auto-login and giving a 404 error. It is happening with mysite.com/wp-login.php page as well. After go through my email i came to know that worpdress was upgraded automatically to 4.4.6. That means the problem started after the upgrade. Before that I could log into the site using wp-admin or login.php page without any problem.
Let me tell you what I did so far to solve it.
Edited the .htaccess file with the default code from wordpress.org site. Problem remained.
After that I deleted the file and uploaded a new one.
Did both through cpanel, but all in vain.
Update: I disabled my plugins one by one and found a faulty one. wp-admin or wp-login.php is now taking me to login page. But now the problem is it keeps redirecting to this same login page every time I enter my user name and password.
(Posted on behalf of the OP).
I have solved it. Let me tell you how.
I disabled my theme by renaming the folder.
I had no other theme in my directory so I uploaded twentysixteen theme.
I tried to login and It gave me a wrong password error which was weird because I did not change anything.
So I went through my phpMyAdmin and found that my password was changed I don't know how. Anyway I changed that and came back to login.
And voila! WordPress let me in!
Then I changed the theme to my previous real one and everything is OK now.

Login fails in first attempt each time in wordpress

I have wordpress ecommerce website. When i am trying to login to any account first time whether it is customer account or admin account it shown invalid address: your email address. But when i try to login with same credentials for second time it is logged in successfully. So basically it fails for the first time everytime but gets success in the second time. How can i solve this issue ?
-Clear Cookies to Resolve Login Issues
WordPress uses cookies for login authentication, so the first step in troubleshooting WordPress login issues is the simplest one. Clear your browser cookies and cache. Also make sure that your browser has cookies enabled. After doing that restart your browser and then try to login. This should fix the issue for most folks.
Clearing cookies and cache in Google Chrome
-Deactivate All Plugins
Sometimes WordPress plugins can cause this issue specially if there is a conflict between two plugins. To deactivate all your WordPress plugins, connect to your web hosting using an FTP client. Rename /wp-content/plugins/ directory to plugins_backup. This will deactivate all WordPress plugins installed on your website. We also have a detailed tutorial on how to deactivate all WordPress plugins when unable to access WP-Admin. Once you have deactivated all plugins, try to logging in to your WordPress site. If you succeed, then this means that one of your plugins was causing the issue.
-Delete .htaccess File
Sometimes .htaccess file can get corrupted which can result in internal server errors or login page refreshing error. Simply access your website through FTP. Backup the .htaccess file in your computer and then delete it from your website’s root directory. You may want to delete .htaccess file in wp-admin directory as well if it exist. Try logging in again. If you succeed, then this means that your .htaccess file were stopping you from logging into WordPress. Once you are logged in, simply go to Settings » Permalinks and click Save. This will generate a new .htaccess file.
Not a 100% sure youre issue is listed but have you tried this ?
REF: http://www.wpbeginner.com/wp-tutorials/how-to-fix-wordpress-login-page-refreshing-and-redirecting-issue/

Wordpress Setting Custom URLs for login. Not Possible?

I am not an expert for mod_rewrite, so I need a big time help. Here is the scenario:
Domain Name: www.example.com
Points To: /www/public_html/
I have a wordpress installation at:
/www/public_html/subfolder/
Now I have two htaccess files, lets call them .h1 and .h2 . I have managed upto now to do this:
When user types www.example.com they are taken to the wordpress homepage in the subdirectory (sweet). In fact everything is hunky-dory besides:
MAIN PROBLEM:
I want to create a custom login URL, say : www.example.com/mylogin
I am able to do the following by setting the following in my .h2
RewriteRule ^mylogin$ wp-login.php
But when I use this URL, it taken me to the login screen but the url in the browser changes to http://example.com/subfolder/wp-login.php
I want the URL that is displayed when the login screen is presented to stay the same as before i.e. http://example.com/mylogin
More precisely, no subfolder name and no wp-login should be displayed. How do I achieve this? Any help would be appreciated.
Your solution doesn’t hide the default login url. It only adds an easier to remember url which redirects to the default url /wp-login.
Without the need for coding you can easily install the plugin Custom Login and Admin URL’s that fixes this weakness.
Caution: This plugin have been tested on a new installation of WordPress and it worked fine. However, most free plugins are unsupported which means they sometimes conflict with other plugins depending on what you have installed. If you have any issues, login to cPanel or FTP and delete the plugin or contact your web hosting provider.
Another Security plugin for WordPress which you may want to take a look at is named Better WP Security. This WordPress plugin offers security settings for WordPress login, registration and admin pages as well as many other anti hacking features to protect your site.

Resources