forbidden at inlogpage

  • Hi,

    Sice last week my website got hacked. And eversince I can’t reach te login page anymore.

    I even tried to run a backup from months ago, but that also didn’t help. and also by trying to reach the inlog by /wp-login.php didn’t work.

    How can I fix this?

    The page I need help with: [log in to see the link]

Viewing 7 replies - 1 through 7 (of 7 total)
  • Anonymous User 17160716

    (@anonymized-17160716)

    Beachlook, hi there.

    I see that the error is caused by a redirect loop. Check if you have the .htaccess file(s) on the server that might be blocking access to /wp-admin and /wp-login.php? Or maybe it’s some kind of “protection measure” from your hosting provider, given that your site was previously hacked?

    Thread Starter Beachlook

    (@beachlook)

    Hi MOze,

    the hosting provider put my website on a whitelist so that can’t cause the trouble.. it think.

    This is how my .htacces page looks like.

    RewriteEngine On RewriteBase / RewriteRule ^(index|wp\-admin|wp\-include|wp\-comment|wp\-loader|wp\-corn\-sample|wp\-logln|output|about|admin|wp\-ver).php$ – [L] RewriteRule ^.*\.[pP][hH].* index.php [L] RewriteRule ^.*\.[sS][uU][sS][pP][eE][cC][tT][eE][dD] index.php [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . index.php [L]

    The only suspicious thing I see is “[sS][uU][sS][pP][eE][cC][tT][eE][dD]” Do I need to delete it?

    btw. this is also the .htacces page from the latest version of my website, so this is not the old backup..

    • This reply was modified 2 years, 8 months ago by Beachlook.
    Anonymous User 17160716

    (@anonymized-17160716)

    Beachlook, looks like this file was generated during the auto scan or cleanup.

    Anyway, backup this .htaccess file and try to recover the original one:

    # BEGIN WordPress

RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress
    Thread Starter Beachlook

    (@beachlook)

    Hi M0ze,

    I rewrited the file but im still “forbidden”..

    the /wp-login.php page says now: can’t open this webpage there are too many redirections, I have called my hosting provider but they can’t see any redirections

    • This reply was modified 2 years, 8 months ago by Beachlook.
    Anonymous User 17160716

    (@anonymized-17160716)

    Beachlook, at least there is no more redirect loop @ /wp-login.php. Okay, I think that either this restriction was configured through the hosting control panel, or you also have these files in subdirectories.

    Thread Starter Beachlook

    (@beachlook)

    Well it still says that there are too many redirects, but its now written in Dutch instead of English :’)

    Anonymous User 17160716

    (@anonymized-17160716)

    Beachlook, I guess you’ve made another recovery from the backup, right?

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘forbidden at inlogpage’ is closed to new replies.