Was the domain ever changed? Did you ever add any 301 redirects or make adjustments to the .htaccess file? Did you add any security plugins?
Also, after you try logging in and you get redirected back, what does the URL say exactly?
Lastly, try logging in from subsite.blog-net.ch/wp-login.php directly instead of going to wp-admin first.
The domain has never changed. I never explicitly made 301 redirects, or at least not that I know of. The .htaccess file contains the standard entries that I know of. Security plugins? Well, there are some Captcha-Plugins and other Spam prevention things. I don’t remember to add any, but even if, then I did it sitewide and therefore: why is only this particular site handicapped?
After a login and redirect, the URL says this:
http://fiat-pafumi.blog-net.ch/wp-login.php?redirect_to=http%3A%2F%2Ffiat-pafumi.blog-net.ch%2Fwp-admin%2F&reauth=1
This is also the exact same URL that is shown when logging in directly via http://fiat-pafumi.blog-net.ch/wp-login.php instead of going through wp-admin first.
The .htaccess file contains this code:
<br />
Action php /cgi-php53/php<br />
AddHandler php53 .php</p>
<p>RewriteEngine On<br />
RewriteBase /</p>
<p>#uploaded files<br />
RewriteRule ^(.*/)?files/$ index.php [L]<br />
RewriteCond %{REQUEST_URI} !.*wp-content/plugins.*<br />
#RewriteRule ^(.*/)?files/(.*) wp-content/blogs.php?file=$2 [L]<br />
RewriteRule ^(.*/)?files/(.*) wp-includes/ms-files.php?file=$2 [L]</p>
<p># add a trailing slash to /wp-admin<br />
RewriteCond %{REQUEST_URI} ^.*/wp-admin$<br />
RewriteRule ^(.+)$ $1/ [R=301,L]</p>
<p>RewriteCond %{REQUEST_FILENAME} -f [OR]<br />
RewriteCond %{REQUEST_FILENAME} -d<br />
RewriteRule . - [L]<br />
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-.*) $2 [L]<br />
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]<br />
RewriteRule . index.php [L]</p>
<p><IfModule mod_security.c><br />
<Files async-upload.php><br />
SecFilterEngine Off<br />
SecFilterScanPOST Off<br />
</Files><br />
</IfModule></p>
<p># BEGIN W3TC Page Cache<br />
<IfModule mod_rewrite.c><br />
RewriteEngine On<br />
RewriteBase /<br />
RewriteCond %{HTTP_HOST} ^(www\.)?([a-z0-9\-\.]+\.[a-z]+)\.?(:[0-9]+)?$<br />
RewriteRule .* - [E=W3TC_DOMAIN:%2]<br />
RewriteCond %{HTTP_USER_AGENT} (2\.0\ mmp|240x320|alcatel|amoi|asus|au\-mic|audiovox|avantgo|benq|bird|blackberry|blazer|cdm|cellphone|danger|ddipocket|docomo|dopod|elaine/3\.0|ericsson|eudoraweb|fly|haier|hiptop|hp\.ipaq|htc|huawei|i\-mobile|iemobile|j\-phone|kddi|konka|kwc|kyocera/wx310k|lenovo|lg|lg/u990|lge\ vx|midp|midp\-2\.0|mmef20|mmp|mobilephone|mot\-v|motorola|netfront|newgen|newt|nintendo\ ds|nintendo\ wii|nitro|nokia|novarra|o2|openweb|opera\ mobi|opera\.mobi|palm|panasonic|pantech|pdxgw|pg|philips|phone|playstation\ portable|portalmmm|ppc|proxinet|psp|pt|qtek|sagem|samsung|sanyo|sch|sec|sendo|sgh|sharp|sharp\-tq\-gx10|small|smartphone|softbank|sonyericsson|sph|symbian|symbian\ os|symbianos|toshiba|treo|ts21i\-10|up\.browser|up\.link|uts|vertu|vodafone|wap|willcome|windows\ ce|windows\.ce|winwap|xda|zte) [NC]<br />
RewriteRule .* - [E=W3TC_UA:_low]<br />
RewriteCond %{HTTP_USER_AGENT} (acer\ s100|android|archos5|blackberry9500|blackberry9530|blackberry9550|cupcake|docomo\ ht\-03a|dream|htc\ hero|htc\ magic|htc_dream|htc_magic|incognito|ipad|iphone|ipod|lg\-gw620|liquid\ build|maemo|mot\-mb200|mot\-mb300|nexus\ one|opera\ mini|samsung\-s8000|series60.*webkit|series60/5\.0|sonyericssone10|sonyericssonu20|sonyericssonx10|t\-mobile\ mytouch\ 3g|t\-mobile\ opal|tattoo|webmate|webos) [NC]<br />
RewriteRule .* - [E=W3TC_UA:_high]<br />
RewriteCond %{HTTPS} =on<br />
RewriteRule .* - [E=W3TC_SSL:_ssl]<br />
RewriteCond %{SERVER_PORT} =443<br />
RewriteRule .* - [E=W3TC_SSL:_ssl]<br />
RewriteCond %{HTTP:Accept-Encoding} gzip<br />
RewriteRule .* - [E=W3TC_ENC:.gzip]<br />
RewriteCond %{REQUEST_METHOD} !=POST<br />
RewriteCond %{QUERY_STRING} =""<br />
RewriteCond %{REQUEST_URI} \/$<br />
RewriteCond %{REQUEST_URI} !(\/wp-admin\/|\/xmlrpc.php|\/wp-(app|cron|login|register|mail)\.php|wp-.*\.php|index\.php) [NC,OR]<br />
RewriteCond %{REQUEST_URI} (wp-comments-popup\.php|wp-links-opml\.php|wp-locations\.php) [NC]<br />
RewriteCond %{HTTP_COOKIE} !(comment_author|wp-postpass|wordpress_\[a-f0-9\]\+|wordpress_logged_in) [NC]<br />
RewriteCond "/home/blog-net.ch/www/html/wp-content/w3tc-%{ENV:W3TC_DOMAIN}/pgcache/$1/_index%{ENV:W3TC_UA}%{ENV:W3TC_SSL}.html%{ENV:W3TC_ENC}" -f<br />
RewriteRule (.*) "/wp-content/w3tc-%{ENV:W3TC_DOMAIN}/pgcache/$1/_index%{ENV:W3TC_UA}%{ENV:W3TC_SSL}.html%{ENV:W3TC_ENC}" [L]<br />
</IfModule><br />
# END W3TC Page Cache</p>
<p>
Give this a try:
Copy the .htaccess file text to a safe document, then delete everything in the .htaccess. See if you are able to login.
Are you serious? We are talking of a multisite installation with about 50 sites. The login in all the other sites works. Actually, I just found out today when I visited the customer, that the customer is actually able to login with his username and password. It looks like only me (or a superuser) can not login to that particular site of the multisite install.
How can that be the fault of the .htaccess? And don’t I risk making all the other sites unusable, if I empty the .htaccess?
Oh, for multi site no. I was incorrect. But on a sidenote, if you did you could restore the htaccess instantly after the test.
Try deleting just the w3 total cache settings in htaccess. Again be sure to save for easy restoring.
Because I don’t have direct access to your site to test myself, I can only give suggestions on what it could be and need you to test it out.
I deleted all of my browser’s history, including cookies, and that resolved the problem.
