Announcing One-Click Restores, Disaster Recovery, and More
Want to be able to restore your site with just one click? In the newest version of Duplicator, we're launching…
Announcing One-Click Restores, Disaster Recovery, and More
Are you locked out of your WordPress site?
Being locked out of your WordPress website can be a nerve-wracking experience, especially if you rely on it for business or personal reasons. But don’t panic! There are various reasons why this could happen, and fortunately, most of them have simple solutions.
In this guide, we’ll explore the common causes of WordPress lockouts and provide step-by-step solutions to help you regain access to your site.
If you’re unexpectedly locked out of WordPress admin, you can easily fix the problem and resume managing your WordPress website!
Before you get started, we’d recommend clearing your browser’s cache and cookies. This may fix any browser-side issues that are causing errors on your login page.
Also, you can quickly get your site up and running again by restoring a recent backup. You’ll immediately revert your site to a functioning state and can avoid any annoying troubleshooting.
If you can’t get into your WordPress back-end, there may be a straightforward solution. One common reason for lockouts is simply entering the wrong login credentials.
After entering an incorrect password, click on the Lost your password? button. This will allow you to reset your password through your WordPress email:
Sometimes, you may not be able to get a new password. If you’ve been hacked or no longer access your admin email, you can use phpMyAdmin to reset your password.
Although you’re an admin on your website, you may suddenly lose administrator privileges. This can be frustrating as it limits your access to critical site settings.
Usually, this happens during a cyber-attack. However, you can manually add a new admin user to your WordPress database.
To do this, open phpMyAdmin and find the wp_users table. Hit Insert:
Then, add this information:
Next, open the wp_usermeta table. Again, click the Insert option. Add this information:
Scroll down and add this information:
Now, log into your WordPress site using the new user information you specified earlier!
Out-of-the-box, WordPress won’t limit the number of times you can try to log into your site. As a result, WordPress is often vulnerable to brute-force attacks. To access your dashboard, hackers will use automated software that guesses your password until your site is breached.
To secure your website against brute force attacks, it’s often a good idea to limit login attempts. However, if you can’t remember your password, this may lock you out of your own dashboard.
When this happens, you can unblock limited login attempts. If you installed a plugin like Limit Login Attempts Reloaded, you’ll need to simply delete this plugin folder with an FTP client:
Note: To connect to an FTP client, you can find the FTP credentials in your hosting account.
Alternatively, add deactivate_ to the beginning of the folder name. This will disable the plugin so you can log back into WordPress. Then, go back to your files and undo this change to reactivate the plugin.
If you encounter the dreaded “Error Establishing Database Connection,” it means your website cannot connect to the database. This could be due to incorrect database login credentials or database server issues.
To fix the “Error Establishing Database Connection” error, open your wp-config.php file with an FTP client or a file manager like cPanel. Find the following lines of code:
// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', 'database_name_here' );
/** MySQL database username */
define( 'DB_USER', 'username_here' );
/** MySQL database password */
define( 'DB_PASSWORD', 'password_here' );
/** MySQL hostname */
define( 'DB_HOST', 'localhost' );If you’ve recently moved to a new WordPress hosting provider, your wp-config.php file could be still pointing to your old host. You’ll need to update the hostname, database name, database user, and database password to point to the new host.
For more details, check out this beginner’s guide on How to Fix the Error Establishing a Database Connection in WordPress.
The White Screen of Death (WSOD) is a blank screen that appears when something goes wrong on your website. It is often caused by PHP errors or memory exhaustion:
Rather than displaying an error code, you’ll usually see a completely white page. It may also say “There has been a critical error on your website.”
If this happens, there are a few different fixes you can try. The WSOD could be caused by poorly coded plugins or themes, so you might need to disable all plugins and activate a default theme.
WordPress also offers a fatal error protection feature that can identify potential solutions. In this case, you’ll see an error that “The site is experiencing technical difficulties.”
Along with this, you’ll get an email that explains the source of the issue. WordPress will also send you a link to help you log into your recovery mode dashboard:
Another possible solution is to increase your WordPress memory limit. This can be helpful when a script overuses your memory and times out.
If your site has been hacked, regaining access is crucial. You can start by contacting your hosting provider and scanning your site for malware.
Restoring your website from a clean backup is usually the most effective way to get back in control. If you’re using a backup plugin like Duplicator Pro, you can set the most recent backup as the recovery point:
Then, copy the recovery URL. You’ll need to save this in a safe place (independent of your WordPress dashboard) just in case you ever get hacked:
All you’ll need to do to recover your site is paste this URL into a new browser window. This will automatically launch the Duplicator recovery wizard:
You can follow these steps to roll back your site to how it was before the cyber attack. To prevent your website from being hacked again, be sure to follow this WordPress security guide.
A 500 Internal Server Error is a generic error message indicating a server-side issue. Something went wrong, but there’s no clear indication of what happened.
Since this is a common error, it’s easily fixed. You could try clearing your browser cache, deactivating plugins, or increasing your PHP memory limit.
You may also have a corrupt .htaccess file. To fix this, rename the file to .htaccess_old:
Then, create a new file and name it .htaccess. Open this file and add this code:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPressThis should resolve the 500 internal server error. Before you start using your site as normal, go to Settings » Permalinks and hit Save Changes. WordPress will automatically generate a new .htaccess file for you.
Still locked out of WordPress? Check out this tutorial on how to fix the 500 internal server error.
You might change your WordPress site’s URLs when you’re using a new domain name, migrating a local site to a live server, or moving from HTTP to HTTPS. If you make a mistake in the URL, you may find a “404 Not Found” error when you try to log into wp-admin.
Even if you’re locked out of WordPress, you can manually change your site’s URLs. Using an FTP client, find your theme folder and open the functions.php file:
In this file, add this code. Be sure to replace the demo URLs with your custom site information:
update_option( 'siteurl', 'https://example.com' );
update_option( 'home', 'https://example.com' );Save the file and try to log into your dashboard again. If everything is functioning normally, go back and remove these lines.
A 403 Forbidden Error implies that you don’t have permission to access a specific resource on the server. It can prevent you from accessing the WordPress login page or the wp-admin area.
Usually, 403 Forbidden Errors happen when a security plugin blocks your IP address, thinking that it’s malicious. It could also occur because of incorrect file permissions, a corrupt .htaccess file, or wrong server settings.
If you see this 403 Forbidden error, try these troubleshooting methods.
Sometimes, you’ll see a 401 Unauthorized error that will lock you out of WordPress. This usually means that your WordPress admin folder is password protected, and you didn’t enter a password.
However, this error can also be caused by security plugins. Additionally, some hosting companies’ security precautions can trigger this error by mistake.
If you added password protection to your admin directory, you can temporarily disable it. Using Bluehost, find the Directory Privacy setting:
Then, deselect the option to Password protect this directory. Be sure to save this change:
You’ll also need to go back to the previous page and delete the username assigned to the password-protected directory. After this, you should be able to log in!
Do you need additional solutions? You may like this comprehensive guide on fixing the 401 error in WordPress.
Some plugins can cause conflicts that lock you out of your site. If you can’t log in after just installing a new plugin, this is probably the cause.
To fix it, find your wp-content » plugins folder. Add “deactivate” to its name:
This will temporarily disable all plugins on your site. Once you log back into your dashboard, you’ll need to reactivate each plugin one at a time.
If the error happens again, you’ll know which plugin caused it. Then, we’d recommend deleting it and finding a better alternative.
The Briefly Unavailable for Scheduled Maintenance error appears while your site is updating its core WordPress software, plugins, or themes. It might linger if an update was interrupted.
During an update, WordPress will create a temporary .maintenance folder. Once the update finishes, the file is deleted. However, your site could be stuck in maintenance mode.
All you’ll need to do is delete this .maintenance file manually:
If you don’t see it, it could be hidden. In FileZilla, go into the Server settings and make sure it’s force-showing hidden files:
After you delete the temporary maintenance file, your site will no longer be in maintenance mode!
If you see an error that says “This has been disabled,” you probably went to the wrong URL for your admin account.
Many WordPress site owners change their default login URLs to improve security and prevent hackers from accessing common login links like wp-admin and wp-login. If you changed yours, your original URL won’t work.
Need help locating your custom wp-admin link? Check out this tutorial on how to find your WordPress login URL.
You might accidentally trigger a PHP error after using a code snippet that you found on a WordPress tutorial online. With the wrong code, your entire site could go down.
To get your site up and running again, you’ll need to find the file where you pasted the code snippet. Since you can’t access your built-in WordPress file editor, use an FTP client.
Then, remove the code or adjust the syntax so that it’s correct. To avoid this problem in the future, be sure to use web code snippets correctly.
Sometimes, a technical glitch beyond your control can lead to a lockout. Usually, you’ll receive an automated email to help you identify the issue and log back in.
In this case, simply use the login link and troubleshoot the issue. Your site will be in recovery mode, making it easy to find the troublesome plugin or theme.
In the normal login process, WordPress will make sure your username and password are correct and then save a login browser cookie. After this, you’ll automatically be redirected to your WordPress admin dashboard.
However, your login page might keep refreshing and redirecting back to the same login screen. This could be caused by incorrect URL settings or login cookies failing.
To solve this problem, try clearing your browser cache and cookies. Additionally, you could open your wp-config.php file and add this code:
define('WP_HOME','https://www.example.com');
define('WP_SITEURL','https://www.example.com');For more tips and tricks, check out this guide on how to fix the WordPress login page refreshing and redirecting issue.
You might be locked out of your WordPress site due to various reasons, such as entering incorrect login credentials, too many failed login attempts, a cyber attack, or a technical issue with the site or server. Identifying the specific cause will help you apply the appropriate solution to regain access.
WordPress doesn’t have a specific standard time duration for locking users out. It depends on the settings configured by the website administrator or any security plugins installed.
To recover your admin login, reset your WordPress password. If there is a large-scale issue happening with your site, consider restoring a recent backup. This will immediately revert your site to a version before the error happened, and you’ll be able to log in.
That’s it! You’ve just fixed your website after being locked out of WordPress.
Do you want to always have an off-site backup ready to restore after errors? Check out this tutorial on how to save your WordPress backup to Amazon S3.
Ready to get your WordPress site back up and running? Download Duplicator Pro to easily save backups and restore them whenever you need to!
