Cannot log in to /wp-admin – Sorry, you are not allowed to access this page.

I’m faced with the same issue, I’ve posted a similar thread about this yesterday.
Something regarding permissions seems to be missing for me but I’d suggest checking wp_users and wp_usermeta in the phpmysql (or wtv db management you use) and validate that the ID for your admin is the same in both tables.

• This reply was modified 6 years, 11 months ago by orangeworx.

First I tried the logins I already had. They did not work.

—

Then I created a brand new login with this SQL:

INSERT INTO wp_users (ID, user_login, user_pass, user_nicename, user_email, user_status, display_name) VALUES ('1742', 'UserName', MD5('Password'), 'tempuser', 'pierre@skinetworks.com', '0', 'Temp User');

INSERT INTO wp_usermeta (umeta_id, user_id, meta_key, meta_value) VALUES (NULL, '1742', 'wp_capabilities', 'a:1:{s:13:"administrator";b:1;}');

INSERT INTO wp_usermeta (umeta_id, user_id, meta_key, meta_value) VALUES (NULL, '1742', 'wp_user_level', '10');

This did not work either. ( Copied the SQL from here: https://www.wpwhitesecurity.com/wordpress-tutorial/manually-add-wordpress-user-administrator-role-wordpress-database/ )

Might it be because something is missing in my SQL ?

Hi @pierrehustedsigvardsen,

1. Do you remember what you did as last action before not being able to enter the administration section? If so, did you try to revert this action?
2. If you have a single wordpress installation try to disable the old .htaccess file and create a new one with the following information:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

3. What version of PHP do you have, some older versions of PHP are having compatibility issues with WordPress.
4. Verify that all tables in your database have the correct prefix (i.e.: wp_)
5. Also check in database that the correct capabilities are added to your account in the wp_usermeta table (note: prefix might be different then wp_), under meta_key wp_capabilities it should say under meta_value a:1:{s:13:"administrator";s:1:"1";} and under meta_key wp_user_level it should state under meta_value 10

That should fix the problem.
Good luck.

Hi @pierrehustedsigvardsen,

I checked your SQL, this ain’t going to work. You are missing all the (‘) in the SQL query.

Just copy the following SQL query and alter the text a bit to your liking.

INSERT INTO 'wp_users' ('user_login', 'user_pass', 'user_nicename', 'user_email', 'user_status')
VALUES ('newadmin', MD5('pass123'), 'firstname lastname', 'email@example.com', '0');

INSERT INTO 'wp_usermeta' ('umeta_id', 'user_id', 'meta_key', 'meta_value')
VALUES (NULL, (Select max(id) FROM wp_users), 'wp_capabilities', 'a:1:{s:13:"administrator";s:1:"1";}');

INSERT INTO 'wp_usermeta' ('umeta_id', 'user_id', 'meta_key', 'meta_value')
VALUES (NULL, (Select max(id) FROM wp_users), 'wp_user_level', '10');

I can’t realy add the usual quotes because it changes to code..
Check THIS website for the correct quoted code.

• This reply was modified 6 years, 11 months ago by helldog2018.
• This reply was modified 6 years, 11 months ago by helldog2018.
• This reply was modified 6 years, 11 months ago by helldog2018.

@helldog2018
I don’t want to hog this thread, can you take a peak at mine here? Thanks

@helldog2018

1)
I have no idea what was done last. The login worked a couple of months ago.

2)
On the train home now. No server-access from here. But I’ll try this later.
Did try to remove the .htaccess file all together. Didn’t change anything.

3)
I have other webs running WordPress just fine on the same server. So the PHP version is just fine.

4)
All the tables are just fine. Created a brand new database for the DEV-site, with nothing but wp_ tables in it.

5)
Are you sure about this??

Yours says a:1:{s:13:"administrator";s:1:"1";} and mine says a:1:{s:13:"administrator";b:1:"1";}.

As far as I’ve been able to research, the b is the correct version (for boolean as opposed to string).

But I might be wrong.
After all my site isn’t working, so something is clearly wrong in my setup.

—

B)
The query is working just fine. There is no need for those backslash-like-quotes around the table-name and field-names. They are optional, unless the names are reserved words or contain something special (such as a space).

———-

Thanks for your posts @helldog2018

I’ll try the .htaccess file and the other version of the wp_capabilities, when I get server-access later.

My recreated super admin was given this wp_capabilities a:1:{s:13:”administrator”;s:1:”1″;}

on other WP instances it’s this a:1:{s:13:”administrator”;b:1;}
Not sure what that last :”1″; does

changing the first one to have b instead of s still gives me the you’re not allowed to view this page, on front end i’m logged in.

Now I’ve tried both the s:1 and adding a .htaccess with the suggested content.

It didn’t change a thing. ??
Still cannot log into the admin area.

Hi @pierrehustedsigvardsen,

I am sorry it did not work.
I read on other forums that for some it helped reverting back the prefix in database to _wp (not sure if you use a custom prefix though).
If you have multiple WordPress installations in one database, then there is a good chance all these installations are using the same prefix. Make sure the prefixed are differentiated from eachother, read HERE for more information.

Also, just to make sure, is this a single or a multisite install?

It’s a single install.
It has it’s own database. With the default “wp_” prefix to tables.

Moderators, could you please remove my link to my development-site?
The link added to the original post.

And remove this post afterwards too.

I’m currently debugging it, and I’m not sure if that opens up any holes anywhere.

Thanks!! ??

• This reply was modified 6 years, 11 months ago by pierrehustedsigvardsen.

@pierrehustedsigvardsen, No, we don’t consider that a valid reason. Put up a login wall or do other things to stop people seeing your website.

I’m currently debugging it, and I’m not sure if that opens up any holes anywhere.

Taking it off this thread does nothing to prevent that.