Support » Fixing WordPress » Update to 3.1.3 makes wp-admin unusable in Firefox

  • I run WordPress 3.1 on my own site (hosted on GoDaddy). I’ve had two separate problems recently:

    1) With the update to 3.1.2 I’ve been unable to authenticate properly. When I enter the correct username and password it just redirects to the login page. The only way I can get authenticated is by clicking “forgot password”, entering my email address, then it redirects me to the login page with my username and password prefilled, I click login and it logs in properly.

    2) With the update to 3.1.3 I’m completely unable to access wp-admin in Firefox. It just loads a blank page. I have to boot up a Windows XP VM with Internet Explorer 8 to manage my blog.

    Any suggestions how I can get this working properly?

Viewing 13 replies - 1 through 13 (of 13 total)
  • Moderator Kathryn

    (@zoonini)

    Automattic Happiness Engineer

    A longshot maybe, but have you tried removing all cookies related to the site and clearing the browser cache? I have no problems with 3.1.3 in Firefox for either the login or accessing the admin, on a dozen different sites, so I’m thinking perhaps it’s something with either your browser or your host.

    Have you tried Firefox on a different computer?

    Thanks for the reply. I figured out my problem. Turns out that the update broke my URL redirects. I’ve since corrected the issue on the backend.

    Thank you.

    Ashughes, would you be able to tell me what you did with the redirects?

    I’ve got the same problem, where wp-admin doesn’t load when using the domain that is a redirect.

    I used to have it set up so I could go to http://www.ashughes.com/wp-admin to access my dashboard. I now need to go to http://ashughes.com/wordpress/wp-admin/ and everything works.

    Oh, I’ve got a different problem. I’m hosting it on a different website, and accessing it through my redirected domain. The domain itself works, but when I try and get into the admin interface, it loads a white page. I think this was a “feature” of the 3.1.3 security update…

    Thanks, though.

    My best advice would be to try to load it from the parent URL (not the redirect). That seems to have fixed it for me.

    Well yes, that works….

    But I don’t want users loading it from the parent URL, because the domain is different. Picture this. The parent URL is:

    http://hostedurl.com/othersite/blog/wordpress

    My “Masked” redirect is: http://maskedrd.com

    I don’t want to have to give users that long link to login to my site, right?

    At the moment, I am able to login through the root site, with wp-admin at the end, but don’t want that.

    Not sure why that wouldn’t work, as long as http://maskedrd.com points to http://hostedurl.com/othersite/blog/wordpress it should work the same. It’s like having a desktop shortcut in Windows.

    Maybe try clearing the cache, removing the redirect, and setting up the redirect again? I don’t know…

    Yeah, it’s very frustrating. I’m in the process of removing it at the moment…

    I really do think it’s part of the security update because one of the updates says:
    “Introduce “clickjacking” protection in modern browsers on admin and login pages.”

    Which makes sense, because I can see the main blog, but not the login/admin.

    I’ll figure something out…

    Thanks for the help though…

    Yeah, I point my finger at the update too since everything was fine when I was running 3.1.1. My problems started with 3.1.2 and then got even worse with 3.1.3.

    If you figure out a work around, please post it here so others can benefit.

    Good luck!

    i’m having same problem, – i’m new to WP,
    but i have my blog withing div’s and none of the Admin links work at all.
    They all lead to blank pages….

    When not inside div’s or iframes, they work just fine….

    VERY Frustrating indeed..

    Hi mdavidangst,

    I solved the problem, with help from a user of the WordPress Trac community.

    The issue is because when you do a masked forward (at least with GoDaddy, it creates an iFrame. You cannot use any divs or iFrames when trying to access any admin or login page because of the new “clickjacking security” feature.

    To disable it, paste the following code into any plugin page:

    remove_action( 'login_init',          'send_frame_options_header',     10, 0 );
    remove_action( 'admin_init',                 'send_frame_options_header', 10, 0 );

    For more info, visit my ticket on WordPress Trac:
    http://core.trac.wordpress.org/ticket/17675#comment:8

    Hope that helps.

    that seems to have done the trick!! Thank YOU!!!!!!

    it’s bypassing the new security measures, but they need to take that bit of code back to the drawing board…

    THanks again!

Viewing 13 replies - 1 through 13 (of 13 total)
  • The topic ‘Update to 3.1.3 makes wp-admin unusable in Firefox’ is closed to new replies.