Troubleshooting Common WordPress Login Issues

 Have issues with your WordPress login page? Can't seem to access your WordPress dashboard? These can be frustrating, especially when you want to make a quick update on your WordPress site.

Here are some common login issues with WordPress and how to troubleshoot them.

Basic Troubleshooting

• Cache and cookies ⤵
• Incorrect WordPress login credentials ⤵
• Blocked IP address ⤵
• Security plugins ⤵
• Incorrect site URL ⤵
• File permissions ⤵

Advanced Troubleshooting

• .htaccess File ⤵
• Missing wp-login.php file ⤵

Basic Troubleshooting

Cache and cookies

To rule out simple issues, deleting your cache and cookies is recommended before troubleshooting. Believe it or not, many website issues are resolved by simply deleting cache and cookies!

You may check these articles if you need a guide in deleting your cache and cookies.

• How Do I Clear My Web Browser's Cache?
• How to Clear the Cache on Your WordPress Site  (Blog)

Incorrect WordPress login credentials

An incorrect username and/or password is one of the most common reasons why you can't access WordPress. You will usually see that little prompt on your WordPress login page that either the username or password is incorrect.

If it's a username, you may want to try using the email address you used during your WordPress setup. 

If WordPress says it's your password, you can reset your WordPress password using the Lost Your Password? link on the login page. There are also other ways to reset your WordPress password. Please check out this article for the instructions.

• How to Reset WordPress Password
• 7 Tips for Creating Strong Passwords You Can Actually Remember (Blog)

Blocked IP address

There may be a time that you get an error message similar to:

ERROR: Access from your IP address has been blocked for security reasons. Please contact the administrator.

This error normally shows up when you have a security plugin installed, and its security feature is blocking your current IP address. To whitelist (unblock) your IP, you first need to get the IP address you're using.

• To find your computer's IP Address, use Google to search for 'what is my IP' or go to https://www.google.com/search?q=what+is+my+ip. Google will display your IP Address in the search results. Please note this feature is only available in English.

Once you have your IP, log in to your WordPress dashboard using a different computer or device. Access the settings of the security plugin and whitelist your IP address.

Security plugins

Of course, you will want to give your site an extra layer of protection. One way of securing your site is using security plugins. If you are using a WordPress security plugin, you might have accidentally blocked yourself. This may happen if, for example, you hit the maximum limit of login attempts. The security feature will kick in, causing you to lose access to your website. You may also see this error:

ERROR: Access from your IP address has been blocked for security reasons. Please contact the administrator.

For this, you may want to try disabling your security plugins. Here are some ways to disable your security plugin if you're unable to access your WordPress dashboard.

• Disable your plugin via database - Please check out the article, Enable/Disable WordPress Plugins using Database, for the instructions. This can be done via your control panel's phpMyAdmin.
   
• Disable your plugin via FTP - For this method, you will need to launch your FTP so you can get access to your WordPress core files on your server.
  1. Connect to your server using your FTP client.
  2. Click the folder of your WordPress files.
  3. Navigate to the folder named wp-content, then click the plugins folder.
  4. Locate your security plugin (for example, jetpack-security), then rename its folder to something else (for example, jetpack-security-disable). This will disable your security plugin.
  5. Go ahead and try logging in to your WordPress dashboard.
  6. Once logged in, you may then rename your security plugin back to its original file name (for example, jetpack-security).
• Disable your plugin via cPanel (if you have one) - This method requires access to your cPanel.
  1. Log in to cPanel.
  2. Click the File Manager icon.
  3. Go to your WordPress folder, then click the wp-content folder.
  4. Navigate inside the plugins folder, then locate your security plugin (for example, sucuri-plugin).
  5. Right-click on the security plugin folder and select Rename.
  6. Rename the security plugin's folder to something else (for example, sucuri-plugin-disable). This will disable your security plugin.
  7. Try logging in to your WordPress dashboard.
  8. Once logged in, you may then rename your security plugin back to its original file name (for example, sucuri-plugin).

To know more about WordPress security plugins, you can check these helpful guides.

• How to Install/Uninstall WordPress Plugins
• 6 Best WordPress Security Plugins (Blog)
• Top 5 WordPress Security Plugins (Video)

Incorrect site URL

If you made changes on your WordPress site and, for some reason, your site URL was changed, you may get an error page when trying to access the WordPress dashboard. For example, if your site https://thisismysite.com is redirecting you to https://example-site.com/wp-login.php, your site URL is wrong.

To fix your site URL:

1. Connect to your FTP client or cPanel.
2. Click the File Manager icon.
3. Go to your WordPress folder and locate the wp-config.php file.
4. Right-click the wp-config.php file, then select Edit.
5. Add this script just above the line "/* That's all, stop editing! Happy publishing. */":
    

   define('WP_HOME','https://thisismysite.com');  
   
     
   
   define('WP_SITEURL','https://thisismysite.com');

   Please make sure to replace "thisismysite.com" with your actual domain name.

   Important Note: Once you add these lines to your wp-config.php file, you won’t be able to edit them on the General Settings of your WordPress dashboard.
6. Click Save.
7. Try logging in to your WordPress dashboard. Once logged in, remove the new scripts from the wp-config.php file, then click Save.

File permissions

Every file of your website has file permissions that grant different levels of access. If you changed your file permissions, you might have incorrectly set up permissions on your wp-login.php file and/or wp-admin folder.

To check your file permissions:

1. Connect to your FTP client or cPanel.
2. Click the File Manager icon.
3. Go to your WordPress folder and locate the wp-login.php file and wp-admin folder.
4. Look for the Permissions column.
5. Make sure that wp-login.php is set to 664 and the wp-admin folder is set to 775.

Please check out the article How to Change Permissions (chmod) of a File for the complete details.

Advanced troubleshooting

Still unable to access your WordPress login page? The cause may be one of the following.

.htaccess file

The .htaccess file is one of your WordPress core files, and any change in it may directly affect or break your site, like redirecting your website's admin page to your main page, causing you to lose access to your WordPress dashboard. In this case, you may need to check the scripts of your .htaccess file in your document root.

Here are some helpful articles to get you started.

• Common Default .htaccess Information
• Default files .htaccess and php.ini
• .htaccess Guidance
• How to Edit Your .htaccess File

Missing wp-login.php file

If the wp-login.php file was accidentally moved or deleted, the WordPress dashboard will not be accessible and may return an error page. For this, you may need to reupload your wp-login.php file to your document root. We strongly recommend creating a backup of your website first before making any changes and contacting your web developer if you're uncomfortable working on your WordPress core files directly.

• How To Backup A WordPress Site Without A Plugin (Blog)
• How To Create a Backup of Installation With Softaculous - If you installed your WordPress using Softaculous, you could also create a backup within Softaculous.