Support » Plugin: iThemes Security » Locked Out

  • Resolved barnabas1

    (@barnabas1)


    Hello,

    After changing the User ID no “1”in the settings of the plugin, which was my ID as an admin, now I cannot login to the dashboard.

    What a clever thing to have in the settings!

    Can you please help to discover what my User ID I have now and restore it back to number 1? I have FTP access, I don’t have Cpanel.

Viewing 7 replies - 16 through 22 (of 22 total)
  • Thread Starter barnabas1

    (@barnabas1)

    This tutorial speaks about the user_pass to give it an MD5 parameter. Should I do the same? I don’t want the password to be stored in plain text.

    https://www.wpbeginner.com/wp-tutorials/how-to-add-an-admin-user-to-the-wordpress-database-via-mysql/

    Also, the setting to change User ID 1 still exists in my settings. The problem with this setting is that after it run, even though it only changes the ID 1 of the user, my admin account was no longer an admin account as it wouldn’t allow me backend access.

    • This reply was modified 5 months, 1 week ago by barnabas1.

    The tutorial you are referring to is for creating a new admin user.

    We are not creating a new admin user.

    We are basically moving an existing admin user from ID ? to ID 1.

    So we already have the encrypted password string. Therefor we don’t need to use the MD5(‘’).

    If the “Change User ID 1” tool still exists after running it then something must have gone wrong. If it’s only partially implemented that could explain why you can no longer login using that account.
    You didn’t get any error when running the tool?

    • This reply was modified 5 months, 1 week ago by nlpro.
    Thread Starter barnabas1

    (@barnabas1)

    Quoting your reply:

    update wp_posts set post_author=1 where post_author=?;
    update wp_usermeta set user_id=1 where user_id=?;
    update wp_comments set user_id=1 where user_id=?;
    update wp_links set link_owner=1 where link_owner=?;

    Where ? needs to be substituted with the new ID value.

    Shouldn’t be : Where ? needs to be substituted with the OLD ID value?

    Sorry I got confused. I mean after running the tool I was assigned ID 1128. Now ? needs to be replaced by 1128, right?

    • This reply was modified 5 months, 1 week ago by barnabas1.
    • This reply was modified 5 months, 1 week ago by barnabas1.

    Now ? needs to be replaced by 1128, right?

    Yes, that is correct.

    Thread Starter barnabas1

    (@barnabas1)

    OK. All is done. Summary of the things I faced:

    1. From the beginning when I run the tool to change ID 1, the admin was moved to a different ID but lost his admin access, even though he was still assigned the Administrator role.

    2. The “Change User ID 1” tool in iThemes continued to exist, whereas according to a previous comment, it should be hidden if indeed there was no anymore a user with ID=1.

    2. After the second command that Inserted the new user to the ID 1 position, the user had no wp role assigned. Had to change it manually. Or could be done again with SQL.

    3. When I enabled debug mode so to change the user_list key with the new user ID value, the user_list had this output already so I didn’t change anything:

    ...
    "default_recipients": {
            "user_list": [
                1
            ]
        },
        "notifications": {
            "file-change": {
                "enabled": false,
                "user_list": [
                    "role:administrator"
                ],
                "recipient_type": "default",
                "subject": null
            },
            "hide-backend": {
                "user_list": [
                    "role:administrator"
                ],
                "recipient_type": "default",
                "subject": null,
                "message": ""
            },
            "inactive-users": {
                "schedule": "daily",
                "enabled": false,
                "user_list": [
                    "role:administrator"
                ],
                "recipient_type": "default",
                "subject": null
            },
            "magic-link-login-page": {
                "subject": null,
                "message": "Hi {{ $display_name }},\r\n\r\nFor security purposes, please click the button below to login.\r\n\r\nRegards,\r\nAll at {{ $site_title }}"
            },
            "digest": {
                "schedule": "weekly",
                "enabled": true,
                "user_list": [
                    "role:administrator"
                ],
                "recipient_type": "default",
                "subject": null
            },
            "import-export": {
                "subject": null,
                "message": null
            },
            "lockout": {
                "enabled": false,
                "user_list": [
                    "role:administrator"
                ],
                "recipient_type": "default",
                "subject": null
            },
            "malware-scheduling": {
                "enabled": false,
                "user_list": [
                    "role:administrator"
                ],
                "recipient_type": "default"
            },
            "two-factor-reminder": {
                "subject": null,
                "message": "Hi {{ $display_name }},\r\n\t\t\t\r\n{{ $requester_display_name }} from {{ $site_title }} has asked that you set up Two Factor Authentication."
            },
            "automatic-updates-debug": {
                "enabled": true,
                "user_list": [
                    "role:administrator"
                ],
                "recipient_type": "default"
            }
        },
        "admin_emails": []
    }
    Thread Starter barnabas1

    (@barnabas1)

    Thank you @nlpro for your patient assistance!🙂 You’ve saved iThemes ass and mine.

    I think we can close the thread now. Everything is back to normal.

    Great!

    It’s correct that, in your case, making changes to the notification-center settings was not needed. Only the role Administrator is assigned to “user_list. So no individual users (ID values) are used.
    Well except for 1 (default_recipients) but that ID was already 1.

    Since we have successfully reversed the changes made by the “Change User ID 1” tool please mark this topic as “Resolved”.

Viewing 7 replies - 16 through 22 (of 22 total)
  • You must be logged in to reply to this topic.