Retrieve the url address for admin access

Usually it is the iTSec plugin Away Mode (Redirects requests to the admin login page to the home page during away hours) and/or Hide Backend modules that are known to cause issues similar to what you are experiencing.

You can temporarily disable ALL iTSec plugin modules by (properly) adding the line below to the wp-config.php file:

define('ITSEC_DISABLE_MODULES', true);

This should allow you to access the default admin login page again.
Once logged in navigate to the Security/Settings page and check the current settings in the Away Mode and/or Hide Backend modules.

Hi @nlpro and thank you for your reply ??
I tried to do that, but unfortunatly nothing is changed. ??

What can I do?

I had changed the login url to a custom one, but if I try to access the url it redirects me to the home page.

That sounds like the iTSec plugin Away Mode module is enabled. Since you don’t get a 404 it seems the (custom Hide Backend) URL is correct.

It could be the attacker changed the Away Mode time window to a very short period in the middle of the night …

Even though the recommendation from my last post should take care of it, you could try a different method to disable the Away Mode module (only).

Whenever the Away Mode module is enabled it will create the file:

wp-content/uploads/ithemes-security/itsec_away.confg

If this file exists, try and rename/delete it. It’s perfectly safe to rename/delete this file. It’s specifically designed for circumventing Away Mode hours in case you MUST get in urgently.

If that doesn’t help, I’m out of options.

• This reply was modified 4 years, 9 months ago by nlpro. Reason: Corrected filename to itsec_away.confg

Hi @nlpro I checked but there isn’t that file in the folder.
Mmm… maybe can I try to rename the folder of “iThemes Security” plugin to disable it?

Thank you very much!

Ok, that probably means the iTSec plugin Away Mode module is not enabled.

So last resort is to deactivate the iTSec plugin by (yes) renaming the better-wp-security folder.

If that doesn’t help there is something else wrong with the WordPress environment which is unrelated to the iTSec plugin.

Hi @nlpro I disabled several plugin (one of them was “wp-404-auto-redirect-to-similar-post”) and now if I try to open the login page the web site give me 404 error page.

Maybe on database the hacker attack has changed the url of login page?
Is there a way to understand wich is the correct url of the login page?

Thank you!

It’s probably best to open a new topic in the WP 404 Auto Redirect to Similar Post support forum.

It appears this is not an iTSec plugin issue, so please mark this topic as resolved.

Good luck.

Hi @nlpro thanks, I will.
But how can I check wich is the correct url address to log in to ADMIN area (from the database) ?

Thank you!

Hi, I fixed; it was a problem of .htaccess ??
Thank you!