WordPress.org

Ready to get started?Download WordPress

Forums

iThemes Security (formerly Better WP Security)
[resolved] Cannot log in - redirects to homepage (83 posts)

  1. jnikkir
    Member
    Posted 3 months ago #

    After updating, I could no longer log in to my dashboard. I could navigate to /wp-admin/ just fine and enter my login details, but no matter what, I was immediately redirected to my homepage, and was not logged in.

    In order to access my dashboard, I renamed the better-wp-security plugin folder via FTP, and now I can log in as normal. On my plugins page, it lists "iThemes Security", but it's deactivated.

    I'm just wondering how exactly to proceed. Should I delete better-wp-security via FTP, and reinstall "iThemes" from scratch? Are there any other options?

    https://wordpress.org/plugins/better-wp-security/

  2. JoshTT35
    Member
    Posted 3 months ago #

    Same for me. I updated to the newly labeled iThemes a day or so ago, but after updating the latest, it doesn't let me into my dashboard.

    I hope this can get fixed asap. Thanks!

  3. vytaulla51
    Member
    Posted 3 months ago #

    I have successfully updated on several sites, but one of them is having the same problem as above - I updated and was kicked to the site's homepage and could not log back in. I Ftp'd to the server and removed the plugin and was able to get back into the site. I tried bringing in a fresh copy of the plugin (now iTheme Security) but as soon as I activated it I was kicked out of the admin and back to the homepage. So I removed via ftp a second time.

    Most of my sites are hosted with one company; this site is hosted at another company - I'm wondering if it could be server related in some way? This particular site also has some plugins I'm not using anywhere else - plugin conflict?

  4. cliffrohde
    Member
    Posted 3 months ago #

    Same problem once upgraded to 4.0.5. This is a bad development. Thank god I haven't updated other sites.

    Oh, and I was not hiding the backend. But now it's effectively hidden from me! :(

    Site is http://goatcloud.com

  5. heartharmony
    Member
    Posted 3 months ago #

    Same issue here - one site was not a problem, the next one I encountered this error. I have temporarily renamed the plugin folder now via FTP so I can access the site.

    Hang in there ithemes! It will be worth it once you get through the teething problems.

  6. blairw
    Member
    Posted 3 months ago #

    Well I finally stabilized the iThemes Security plugin today and it updated and promptly locked me out of the website even with my whitelisted I.P.

  7. scarletcarnival
    Member
    Posted 3 months ago #

    I'll add the same thing. Each time it's activated, it shuts down the backend.

  8. mikeselander
    Member
    Posted 3 months ago #

    I'm having the same issue - but only so far with a site hosted on 1and1, not with sites hosted on Hostgator. Would love to be able to get back into my site.

  9. WordPress.Me
    Member
    Posted 3 months ago #

    I am also having same issue with 4.0.5.

  10. dpiffy
    Member
    Posted 3 months ago #

    Having same issue, however, instead of redirecting me to the homepage, it redirects me to a fresh login screen as if I never even put in my credentials. No error messages given whatsoever. I too FTP and rename it to deactivate it and I once again can get in just as everyone else is saying. I even went as far as uninstalling and deleting all files for the plugin and redownloading it fresh from scratch, upon activation, back to the same problem.

    I am on GoDaddy for my host.

    I had this problem not only in this latest update (4.0.5) but the last 2-3 updates before this as well (like 4.0.2), even before the official name changeover, it started happening out of nowhere.

    I have no other plugins that should be conflicting with this one.

    Also, iThemes, I do have the box ticked to send anonymous data to you for your plugin, maybe something you should look into?

  11. dpiffy
    Member
    Posted 3 months ago #

    Glad to know I am not the only one experiencing this too.

  12. dpiffy
    Member
    Posted 3 months ago #

    Update: I saw some similar issues in other posts referring to clearing out the htaccess file. I did so, reactivated wp-security, turned off redirect login page feature, saved, the re-enabled that feature which put the fresh code back in, and still I can't login (without disabling/ftp renaming the plugin).

    FURTHERMORE, what is weirder is if I disable the login name redirect feature all together but keep the plugin installed and activated still, I can then log in just fine, but the even weirder part is the login slug I selected to be used is still in effect and it doesn't remove the htaccess settings for the redirect slug, but yet it works (along with /login or /wp-login) and I can get in just fine.

    The problem DEFINITELY seems to lie in the "Hide backend/login" feature and not the entire plugin in general. At least for me.

    Anyone else confirm this fixing it for them? Disabling the backend feature found on the setting page about 2/3 of the way down.

  13. djaef
    Member
    Posted 3 months ago #

    I haven't used the "Hide backend/login" feature and I have the same problems as everyone else after the 4.05 'upgrade'.

    I've just renamed it via ftp at the moment, but there's no point activating it again without an update...

  14. djaef
    Member
    Posted 3 months ago #

    Can we get some form of official response to this please.
    I'd like to know what to do.

  15. cliffrohde
    Member
    Posted 3 months ago #

    I probably should have added before with respect to my situation:

    Hostgator hosting
    Linux server
    PHP 5.5
    and as mentioned, not hiding the back end

  16. semisweetchick
    Member
    Posted 3 months ago #

    I am ROYALLY [quack] about this. On attempting to login after activating iThemes Security I get redirected to the homepage.

    WELP, iThemes Security, you're outta there. Plenty of other, better options available.

    Thanks to all who contributed a solution in this thread, while the developers maintain radio silence on a critical support issue. I'll get into my site via FTP and delete the plugin, which sounds like it should solve the problem.

    Aaand, just quick update: I went in through my CPanel to file manager and obliterated the better-wp-security folder contents and now can log in again. The dashboard shows the plugin is deactivated.

    Other details of note:
    Lunarpages hosting
    Linux server
    PHP 5.3.5
    Did NOT enable hide backend

  17. bullseyedesigns
    Member
    Posted 3 months ago #

    Same issue for me with the latest update. After the update i get kicked out of my admin, and cannot get back in. It keeps redirecting to my home page. I haven't even set anything on the plugin.
    Luckily i'm only on my localhost testing pages, but i will have to remove this plugin on any of my current sites if the owners update and can't get into their admin.
    We need some sort of response from the developers. Even if it's to say we're looking into it!

  18. Net101
    Member
    Posted 3 months ago #

    Same here. I went into my pug in directory via FTP and removed the plugin and now I can access the Dashboard. Hopefully they will fix this soon.

  19. jamesewelch
    Member
    Posted 3 months ago #

    Same problem here too.

    I used the "Hide backend/login" option and I see the login form on the new login page, but once I submit my credentials, I'm redirected to the old admin page which displays a 404.

    I'm also never actually logged in, since I don't see the admin toolbar on my site after logging in.

    Is there a way I can turn this off via FTP without deleting the entire plugin?

  20. Placeholder
    Member
    Posted 3 months ago #

    Same! Login attempt redirects to home page, renaming folder in plugins gets me in, reactivating plugin in dashboard gets me white page. I'm also on 1&1.

  21. jnikkir
    Member
    Posted 3 months ago #

    I'd say I'm glad I'm not the only one with this problem, but obviously I wish we weren't dealing with this in the first place.

    To clarify - the issue (mine and many others on this thread) is that we're getting redirected to the homepage after "login". There's no 404 error, just a redirect - from all things /wp-admin back to the homepage. As with jamesewelch's situation (though he's actually seeing a 404), there's also no admin toolbar on the site after "logging in" and being redirected to the homepage.

    I hope we get some answers from the developers. Radio silence is quite disconcerting. Thinking of just deleting better-wp-security via FTP and finding a new security plugin. This has not been handled well.

  22. vtxyzzy
    Member
    Posted 3 months ago #

    Same here.

    I have updated 8 sites with no problems, but on one, I cannot log in. Deleting the plugin folder allows me to log in.

    Lunarpages hosting
    WP 3.8.1
    Weaver II theme
    PHP Version: 5.3.14
    MySQL Version: 5.1.70-rel14.8

  23. jamesewelch
    Member
    Posted 3 months ago #

    Here's how I fixed it. This only applies to people who have enabled "hide backend" option of the plugin and are now unable to log into their web sites.

    If using FTP client
    1. Use FTP to log into /wp-content/plugins
    2. Rename "better-wp-security" to a different name
    3. Log into wordpress using /wp-admin (it may take a few seconds)
    4. I used Adminer plugin to query/access my db
    5. Select the "wp_options" table
    6. Filter using 'select' where 'option_name' '=' 'itsec_hide_backend'
    7. Select and Delete that single row, this will reset that option and disable the hide backend option
    8. Rename the plug-in back to original name

    If you have access to a database query/editor via host control panel or other means
    1. Delete the hide backend option, so that it becomes disabled by default:
    Delete from wp_options where option_name = 'itsec_hide_backend'

  24. vytaulla51
    Member
    Posted 3 months ago #

    I don't have "hide back end" selected -- I was kicked out of the site when I tried to activate the plugin. So maybe there's two different problems happening. For some, it's the "the hide the backend" selection which can be fixed by deselecting that.

    Others of us must have some other conflict.

    I should have noted previously, the theme is custom, using WP 3.8.1, the php version is 5.2.17.

    Plugins I'm using that I don't use on every other site are: Display Widgets, Reflex Gallery and Responsive Image Maps. The others are things like TinyMCE Advanced, etc.

  25. KBaucherel
    Member
    Posted 3 months ago #

    Just had the exact same issue. I renamed the plugin folder in the directory and hey presto I can get to my dashboard again. Not going to reactivate this until I hear it's fixed.

  26. col-panic
    Member
    Posted 3 months ago #

    Wish I could say that jamesewelch's fix worked (I *do* have hide backend enabled) but the results were the same, I still get dumped back to the home screen. Even though they didn't work for me, thanks for writing those easy to follow instructions, James.

    At this point, if I can find the previous 3.x version of BWPS somewhere, I'll probably just reinstall it and keep it in place until this issue gets resolved.

  27. vtxyzzy
    Member
    Posted 3 months ago #

  28. col-panic
    Member
    Posted 3 months ago #

    Got it. Saw it in another post just right after I posted mine, and have it installed and activated now. Thanks!

  29. iThemes
    Member
    Plugin Author

    Posted 3 months ago #

    Hello All,

    Thanks for reporting this and my apologies for the trouble. We're actively looking into this and a release for it is coming soon.

    Thanks for your patience,

    Gerroald

  30. davidebabylonia
    Member
    Posted 3 months ago #

    I fond out the cure for me, I saw a folder wp-content/uploads/ithemes-security, there is one file in there named isec_away.config, open the website folders with an ftp program and download that file anywhere and then delete it from the server.

    try open again the dashboard of wordpress (to me it reborn), open SECURITY from the menu, once on the dashboard of the plugin, scroll visually to the section "Security status" and click on the "completed" tab.

    on the line of the away mode, click edit and uncheck the thickbox

    DO NOT press save yet

    Return to the ftp program and upload again the isec_away.config in the original position

    go back to wordpress and press save

    This actions to me had restored the plugin working!

Reply »

You must log in to post.

About this Plugin

About this Topic

Tags

No tags yet.