The WordPress admin area works in exactly the same way as the other parts of the system – through a login system (“/wp-admin”), you’re able to gain access to the backend dashboard, through which you’re able to add posts etc.

Whilst there are a number of potential causes of the problem, they’re all relatively simple to fix.

The most important point to make is that your system *may* have been infected with malware. I’ve experienced this issue before – hackers inject code into your WordPress system in the hope that it will distribute fake referral traffic for them.

If you have ANY malware issue with WordPress, you’ll need to get a technician to look at it. When it happened to us, our sites kept getting attacked and we had to move hosts in the end.

Obviously, malware is not going to be high on the list – the likely problem you have is either a plugin is preventing your login, or some other issue has prevented WordPress from authenticating you.

Causes

As mentioned, there are several common causes which typically lead the admin area to not work:

  • Bad update prevented WordPress from updating its core files
  • Certain plugins are preventing the login from occurring
  • You’ve set your app to https:// and are continually experiencing a redirect loop
  • Your system may have had its files changed on the server
  • WordPress may have become infected with malware

The most important thing to note is that WordPress is built with PHP.

PHP is a scripting language which provides rudimentary “dynamic” functionality to Internet centric applications, allowing for the likes of dynamic pages, login/logoff functionality and more.

Whilst PHP has existed for many decades, and is supported by the majority of hosting providers, there are a number of instances where its applications may not run properly.

It’s likely the case that your WordPress installation is experiencing this issue, although there are a number of other problems (hosting/malware/coding issues etc) which be causing it, too.

To fix the problem, there are 6 “steps” you can take…

Solution

1. Clear Browser Cache

The first step is to clear your browser’s cache.

The “cache” of your browser basically stores websites, login information etc.

It exists to give your browser the ability to “save” the relevant files which allow it to load files/websites faster. You’d be surprised at how crucial it actually it.

It *can* be the case that the admin panel of WordPress hasn’t had its cache updated. Whilst a relatively rare issue, still can cause the login issue to occur:

  • Chrome
  • Click on the top “vertical dots” menu at the top right of the Chrome Window
  • From the drop-down, select “Settings”
  • Click on “Advanced” (you’ll have to scroll down)
  • In the “Privacy and Security” section, select “Clear Browsing Data”
  • Check every box and make sure “All Time” is selected
  • Click “Clear Data” (blue box)
  • Let it clean the cache
  • Firefox
  • Click on the “Horizontal Lines” menu at the top right of the screen
  • Select “Options”
  • Select “Privacy” (left sidebar)
  • Click “Clear Your Recent History”
  • Select all and ensure that “Everything” is selected
  • Click “Clear Now”
  • Let it clean the cache
  • Microsoft Edge
  • Click on the “dots” menu at the top right of the Window
  • From the drop down, select “Settings”
  • Scroll down to “Clear Browsing Data”
  • Click the “Choose what to clear” button
  • Select all available options and click “Clear”
  • Let it clean the cache

This won’t solve the error, but should ensure that your browsers are not causing any further issues.

2. Gain Access To CPanel

The next step is to gain access to CPanel (or the equivalent control panel for your hosting).

EVERY WordPress has to be hosted somewhere; the way in which you are able to manage the various resources / server is dependent on which type of control panel your host may be running.

The point is that you need access to the files of your system.

With CPanel, this is done with “File Manager”; it may differ depending on the type of hosting you’re using…

  • Log into your hosting provider
  • Browse to the control panel and look for any way you can access the “File Manager” of your system

If you cannot access the file manager, you need to talk to your host – or – gain access via FTP.

If you want to use FTP, you’ll need to do the following:

  • Download an FTP application (FileZilla was the one I used to use)
  • Once downloaded, run the application
  • Into the “IP” / “Address” box, type “ftp.yourdomain.com” (or whatever the FTP address is – your host will be able to tell you about it)
  • Into the “username” & “password” boxes, you’ll need to type your FTP user details (again, your host can help if this is not something you know)

Once you gain access to the files of your system, you’ll be able to then start working on a fix.

3. Disable Plugins (Rename Folder)

Once you’ve gained access to the files, you then need to rename the “plugins” folder.

Renaming this folder gives you the ability to essentially disable any of the plugins that WordPress may be running. Obviously, this may cause temporary issues – but should remove this potential issue from the equation:

  • Click into the “WordPress” installation folder (you can tell by the presence of “wp-includes” etc inside it).
  • When you find the WordPress folder, browse to “wp-content”
  • Inside this folder, you’ll find the “plugins” folder
  • Rename the folder to something like “plugins_bk”
  • Go back to your web browser and attempt to log into your WordPress installation again

If it works, you should re-download each plugin and try enabling each one until you find the cause of the problem.

If it doesn’t work, you need to try fixing some of the core settings of the WordPress system.

4. Change Admin Password In DB

The WordPress system – as mentioned – is built on PHP.

The beauty of the system lies in how it uses a database to store the various information / content for your site.

To this end, if you are having issues loggin in, you may need to change some of the settings inside the database.

Any legitimate host should provide access to database management portal. You can use it with the following:

  • Click into the “control panel” for your hosting
  • Look around for the “database” section (this varies from host to host)
  • In most hosting providers, you’ll have “PHPMyAdmin” – click this (it allows you to manage your WordPress database)
  • From the database which shows, select the one for your WordPress installation
  • Browse to the “users” table
  • Select your admin account
  • In the “password” field, type a new password
  • In the “type” field, select MD5
  • Click “OK” to save the entry
  • Try logging back into your WP installation

As mentioned, this is not an exhaustive list (each host handles this differently).

If you have trouble following the above steps, you’ll be best talking to your hosting provider OR a company able to provide support.

5. Make Sure You’re Not In An HTTPS Redirect Loop

One of the main causes of the admin area “lockout” problem in WordPress is what’s known as an “HTTPS redirect loop”.

This is basically where you will set your site to use HTTPS, and it will have another redirect facility preventing you from accessing the admin area.

To further this, the way that cookies work is specific to the domain you’re accessing. HTTP & HTTPS are considered entirely different entities, and thus logging into one variant does not permit you to access the other.

The fix for this is as follows:

  • In the WordPress Database (as mentioned din Step 4), click on the “wp_options” table
  • Look for the “siteurl” option
  • Make sure it’s “http://… “
  • Look for any other references to the site’s domain / protocol
  • Ensure the “http://… ” reference with any that you find
  • Clear your browser’s cache (step 1)
  • Try logging into your system again

If this doesn’t work, it may be worth replacing your WordPress core files.

6. Replace WordPress Core Files

The next step is to replace the WordPress core files in your system.

To do this, we first need to ensure the “config” file for WP (“wp-config.php”) is kept secure:

  • Access the files for WordPress again (from Step #2)
  • Browse to your WordPress installation’s base folder
  • Look for “wp-config.php”
  • Download it to your PC
  • After doing this, click onto your preferred search engine + look for “WordPress download”
  • You should find the “WordPress.org” website
  • Click the “download” button (blue)
  • Once saved, you’ll need to unzip the files into a folder on your system
  • Click back onto your hosting file manager
  • Select the “WordPress” folder and rename it (something like “wp_bk” or similar)
  • From here, create a new “WordPress” folder (with the same name as the original)
  • Into this folder, upload all the new WordPress files you downloaded from WP’s site
  • Copy wp-config.php into the base folder (it should overwrite what’s already there)
  • Try accessing the site

If there are any issues with this, you’ll be able to simply rename your old WP directory back to its original name.

If you still are unable to resolve the problem, you will need to get some more specific support. There are actually several ways you can do this – either with the likes of online communities (such as Microsoft Answers or SuperUser), or from a committed source of support (your hosting account etc). Fiverr is also a good place to find people who’ll help resolve WordPress problems (but these guys will definitely need paying).

The point is that WordPress is generally quite a flexible platform, and the problem of not being able to access the admin area for your application is certainly not as unique as you may imagine. To this end, it will do your site justice to – perhaps – get a “checkup” from a WordPress company, who will be able to provide you with a rundown of what might be working well, and what may not. They should also be able to address the faulty admin area.