Struggling to access your WordPress admin?
If you can’t access WordPress admin of your site, it spells a world of trouble. You won’t be able to make changes to your website or fix any errors. But worse, it could mean that a hacker has taken control of your site and locked you out.
But you can put your mind at ease now. This problem is quite common and we’ve helped many clients regain access to their WordPress admin. Follow this guide and you’ll have access back in no time.
PRO TIP: Sometimes, the easiest solution is to refresh your page. In case you haven’t tried this already, we recommend clearing your cache and refreshing your website’s page. To clear your browser cache, use the settings option in your browser. To clear your website’s cache, use any of the caching plugins available in the WordPress repository.
Why Did You Lose Access To WP Admin?
To regain access to wp-admin, you need to know why you’ve lost access in the first place. If you already suspect or know the issue, then jump straight to the solution in the next section.
The most common reasons you can’t access your WordPress admin are:
1. A hacker has broken into your site and removed your admin privileges
2. You’ve made too many login attempts and are locked out of your site
3. You’ve changed your login URL and now can’t remember your custom login URL
4. You’re unable to recover your password using the ‘Recover Password’ option
5. You’re encountering errors on your wp-admin login page such as:
a. PHP error
b. Error establishing database connection
c. HTTP 500 internal server
d. White screen of death
e. Parse error
There may also be other errors that cause you to lose access to wp-admin, but in our 10+ years of experience working with WordPress, these are the most likely causes.
How To Fix Can’t Access WordPress Admin
We suggest you work your way down these fixes, as we’ve listed the most likely solutions first.
In case you’ve already tried a few solutions out, jump directly ahead to the solution you haven’t tried yet.
IMPORTANT NOTE: If you have access to set up a staging site using your web host or a plugin like BlogVault, we recommend carrying out the steps on a staging site and not directly on your live site. Some measures are technical in nature and a slight misstep can make the situation worse.
A staging environment is a clone of your website where you can experiment and troubleshoot to find the solution that works. So you can implement only the right solution on your live site.
1. Manually Reset Your Admin Password Via phpMyAdmin
By default, WordPress allows you to make an unlimited number of login attempts. This means you can try different usernames and passwords until you hit the right one.
But if you had limited login attempts on your site, either manually or by using a plugin, you might find yourself locked out.
If you’re unable to remember your password, and you’re also unable to retrieve it using the ‘Forgot Password’ option, you can reset your password through your web hosting account.
Even if a hacker has locked you out of your account, you should be able to create a new user account in this way to regain access to your site.
1. Log into your web hosting account and access cPanel.
2. Here, under Databases, select phpMyAdmin.
3. Next, select your website’s database.
PRO TIP: If you don’t know your database name, you can access cPanel > File Manager > public_html. Here, right-click and Edit your wp-config.php file. You’ll find your database credentials in this wp-config file.
4. Inside your database, you’ll see a number of tables displayed. Select wp_users and edit it.
You will be able to create or edit users here, and set passwords.
Locate your username, and under user_pass, in the Value field, enter the password of your choice. Finally, save your changes.
Now when you access your WordPress login page, you can use the new login credentials and enter your wp-admin panel.
2. Restore Your Backup
You may have taken a backup either using a plugin or through your web host. If you have a backup, we recommend restoring your backup.
This will remove any recent errors that have popped up on your site.
After restoring your backup, you will be able to access your wp-admin page and log in as usual. We suggest that you still troubleshoot to find out the root cause of the problem so that the error is fixed permanently.
3. Disable Your Plugins
Sometimes plugins can be the culprits behind these errors on your site. Since you don’t have access to wp-admin, you’ll need to disable plugins manually.
- Log into your hosting account and go to cPanel > File Manager.
- Open public_html and open the wp-contents folder.
- Find the folder called Plugins and rename it to Plugins_Disable.
Now check if you can access your wp-login page. If you can, then a plugin is causing an incompatibility or conflict issue on your site.
You can log into wp-admin, and then activate your plugins one at a time. Each time, reload your site to check which plugin is causing the problem.
4. Scan Your Site
When hackers manage to take control of your site, they immediately lock you out. They remove your admin privileges so that they can run their malicious activities for as long as possible.
If you suspect a hack, you need to scan for malware immediately. Since you don’t have access to wp-admin, this can be tricky. Here’s what we suggest:
1. If you’ve installed a malware scanner like MalCare on your site, you’ll have access to an independent dashboard to run a scan remotely without having to log into WordPress
2. Use external online scanners like Virus Total to run a malware scan
3. Check if your website has been flagged by Google for being hacked on Google Safe Browsing
4. Check the Security tab in your Google Analytics account
If you detect malware on your site, you’ll need to clean it up. If you’re subscribed to a security plugin like MalCare, you can clean it up easily by clicking on the Auto Clean button.
If you haven’t yet signed up, you won’t be able to install a security plugin on your site since you’re locked out. In these cases, you can opt for MalCare’s emergency clean up service. MalCare’s security experts will manually clean the malware from your site and get your wp-admin access back.
You can also attempt to manually look for malware on your site. However, we don’t recommend it because manually scanning for malware on your own is not effective. It requires technical and security expertise. That said, if you still want to give it a try, we’ve created a guide that can help you run a manual malware scan.
IMPORTANT: Before we proceed with the next steps, if you haven’t taken a backup of your WordPress site, we recommend you backup your site immediately. These steps can be technical and involve modifying your WordPress files and database.
5. Re-upload wp-login.php
If you’re unable to access the login page of your WordPress site, it might be because your wp-login.php file was moved or deleted.
To fix the problem, you need to reupload this file.
1. Download a fresh WordPress installation on your computer. Unzip this file, look for the wp-login file and keep it ready.
2. Login to your web hosting account. Access cPanel > File Manager > public_html.
3. Using the upload option, upload the wp-login file from your computer to this public_html folder. You can overwrite the old file if it is present.
4. Open the wp-login file by right-clicking on it and selecting Edit.
5. At the end of the file, copy-paste this code:
// Delete this line
$user_login = $user_data[“user_login”];
// Replace it with this line
$user_login = $user_data->user_login;
6. Save your changes and you should be able to log into your WordPress admin account now.
6. Generate A New .htaccess File
The .htaccess file is one of the most sensitive files of your WordPress site. Sometimes, the smallest error in this file can break your site and cause you to lose access to your wp-admin panel.
You can try deleting the old .htaccess file and generating a new one to fix the issue.
1. Log into your web hosting account. Access cPanel > File Manager > public_html.
2. Find the .htaccess file and download it so that you have a backup copy.
PRO TIP: If you can’t find the .htaccess file, go to Settings and check the box Show Hidden Files.
3. Next, delete the .htaccess file and try accessing your WordPress login URL.
4. If it worked, once you’ve logged into your wp dashboard, go to Settings > Permalinks and Click Save. This will automatically generate a new .htaccess file. If this didn’t work, reupload your .htaccess file that you downloaded earlier.
7. Disable Your Theme
Similar to plugins, your theme may also be causing your wp-admin page to disappear. To disable your WordPress themes manually:
- Log into your hosting account and go to cPanel > File Manager.
- Open public_html and open the wp-contents folder.
- Find the folder called Themes and rename your active theme’s folder with the suffix _disable. This will automatically activate a default WordPress theme.
Now check if you can access your wp-login page. If the error has disappeared, then your theme was causing the issue.
To resolve the issue, you would need to contact the theme’s developer to pinpoint the error. They will likely fix any bugs and release a new version.
PRO TIP: If you have multiple themes installed, even if you aren’t using them, they could still cause conflicts and incompatibility issues. We recommend deleting all extra themes and only keeping the one you’re using.
8. Check File Permissions
WordPress has file permissions that grant different levels of access to different users of your WordPress site. You can change access to read, write, and execute files on your site.
We recommend permissions be set to the following:
- wp-admin: 744
- wp-content: 744
- wp-content/themes: 744
- wp-content/plugins: 744
- wp-content/uploads: 744
- wp-config.php: 764
- .htaccess: 764
To check and set the file permissions, you can use cPanel > File Manager in your web hosting account.
Once the correct permissions are set, you should have access to the WordPress login page.
9. Reinstall WordPress
If you still don’t have access to your WordPress admin, you can reinstall WordPress. There’s a possibility that files in the WordPress core installation are corrupted.
Reinstalling WordPress is a big step, as you’ll be replacing core files. But there are ways to do this without any stress. Here’s an in-depth guide to reinstalling WordPress.
CAUTION: This step carries a certain amount of risk. We recommend taking a backup of your site and using a staging site to reinstall WordPress.
10. Increase Your PHP Memory Limit
Every website is granted a limited amount of PHP memory. If you exceed the limit, errors can start popping up on your site. Increasing the PHP limit can resolve these errors.
To do this, you need to edit your wp-config.php file.
Log into cPanel > File Manager > public_html. Right-click and edit this file.
To edit the memory limit, find this line of code:
Increase the limit from 32M to 128M using the following line of code:
Save and exit the file.
For more information, follow our guide on how to increase your PHP limit through wp-config file.
11. Troubleshoot Individual Error WordPress Messages
You may be seeing specific errors on your WordPress site instead of your login page, such as:
- Parse Errors
- PHP Errors
Whichever error you’re facing, we have a complete guide to troubleshooting that you can follow to fix the issue.
We’re confident that one of these measures has helped you log into wp-admin. However, in the rare case that you still haven’t been able to solve the issue, we have a few pointers.
What To Do If You Still Can’t Access wp-admin
If you’re still locked out of your WordPress admin, here’s what you can do:
- Contact your web host – Your web host will look into the issue and reset your login access. Contact the customer support of your web host and ask them for assistance.
- Ask for help on the WordPress Support Forum – WordPress has an active Support Forum where you can ask for help from fellow WordPress users. You can post details about the issue you’re facing and someone will help you figure it out.
- Check popular forums – There are a number of forums where WordPress users are active. You can seek answers on Reddit, Quora, StackExchange, and StackOverflow.
You can also refer to our other article on Locked Out of WordPress Admin Dashboard.
Final Thoughts: How To Be Prepared For Next Time
Once you regain access to your WordPress dashboard, there are a few steps you should take to be better prepared in case this ever happens again:
- Take regular backups of your WordPress site with a plugin like BlogVault which has an independent dashboard. If things go wrong, you can restore your backup even if you don’t have access to your wp-admin.
- Keep a security plugin like MalCare active on your site. The plugin will set up a firewall to block malicious traffic from accessing your site. It will also scan your site regularly and alert you if there’s any suspicious activity.
- Bookmark this article and keep it handy so that you have a checklist of measures to take to resolve the error fast.
If one of the steps we’ve mentioned above helped you access your wp-admin page, give us a shoutout on Twitter. We’d love to hear from you.
Backup Your Site With BlogVault’s Backup Plugin