How to Fix Admin Locked out of WordPress Dashboard
BLOG

How to Fix Admin Locked out of WordPress Dashboard

Table of Contents

If you’re locked out of the WordPress dashboard, this guide is for you.

Admins are locked out of the Dashboard when the site is configured with the “limit login options” feature. In most cases, WordPress plugins like WordFence are responsible for admin lockouts.

Let’s learn how to fix the issue when locked out of the WordPress dashboard.

Fix Admin Lockout of WordPress Dashboard

First, you need to see if a specific tool is installed to limit logins in WordPress. You must look at plugins, manual scripts, or cPanel settings here.

Suppose a WordPress plugin, such as WordFence, powers the feature.

Let’s learn how to deal with the lockout problem in WordPress if you’re using WordFence for the said option.

Lockout options in WordFence

Once you’ve entered the wrong credentials, the system locks you out of the WordPress dashboard. WordFence shows an error message once the feature notices the wrong credentials. For more information, see the WordFence official resource about protection from Brute Force attacks.

The screen shows the message, ” You’ve been locked out of the WordPress dashboard due to wrong credentials,” along with instructions on proceeding and recovering.

You’re good if you can see the admin email stating that an email notification has been sent to the email. On the other hand, if you’re directed to enter your email, you can get an unlock email.

Proceed accordingly and get an email that contains instructions on how to get access again.

Check your email inbox to see if you’ve received an email. If so, you must click on the link in the email, which will help you recover your access to the WordPress dashboard.

Note: The above scenario works only if you can access the admin email. Let’s proceed and learn what to do if you need access to the Admin Email set in WordPress.

Web Hosting cPanel Access to File Manager

If you can’t access the WordPress admin email, you must take the following roadmap.

See if you have access to your website’s hosting panel. In this case, you should be able to log in to the web hosting cPanel area. Next, you’ll need to fire up the hosting cPanel File Manager. You can access the area with an FTP client like File Zilla.

Once the cPanel File Manager loads, you can see a list of directories and files on the screen. It would help if you browsed the Public_HTML directory.

Get in the directory and browse to the WP-Content directory. This directory contains WordPress themes and plugins currently installed in WordPress.

Here – you can see two main directories:

  1. Themes
  2. Plugins

Hence, we need to deal with WordFence, get into the plugins, and see if the WordFence directory exists inside.

If yes, click the directory name and enter a new name. It would help if you changed the name, even slightly, to make a minor difference.

You’ve done the job, let’s see next, what should you expect.

Test the Scenario

Load the WordPress login page and enter your login credentials. This time, even if you enter the wrong credentials, the system doesn’t show a lockout message on the screen.

Of course, once you’ve entered login details, you can experience a smooth login to the WordPress dashboard. You’ve successfully fixed the admin lockout issue and logged into the WordPress dashboard.

Renaming the WordFence directory in the cPanel area means File Manager doesn’t require access to the WordPress dashboard. In this case, we can manually kill the “limit login feature” by changing the root directory.

Related Reading: WordPress Plugins for Improved Security

Change the cPanel options

Once you’ve fixed the issue, it’s time to make changes again.

Now, we need to get back and set things as before.

Hence, we’ve turned off the WordFence plugin; we should revert the change if using the WordFence plugin seems promising.

Of course, here is what we should do next.

Steps involved

Before you proceed, you need to perform the following Three tasks.

  1. You need to change or confirm your WordPress login.
  2. You can proceed to make changes in the WordPress limit login options again.
  3. You can also change or set proper options to limit login attempts, such as blocking users after how many wrong attempts.

Let’s proceed and explain further maneuvers.

Step 1: Proceed and recheck your WordPress login credentials to confirm your access to the Dashboard. In this scenario, you can attempt to log in to WordPress from a different browser, such as Mozilla Firefox.

Step 2: Once confirmed you have access to the valid credentials, let’s proceed further.

  • You must enter the hosting cPanel File Manager area as you did in the previous steps. You must also enter the Public_HTML directory and the WP-Content folder in the WordPress root.
  • Here – it would help if you renamed the WordFence directory as it was before the previous change. Remove the “rename change” you made in the last step above.
  • When the WordFence directory becomes routine, you can see the “limit Login mechanism” implemented again.

Step 3: Open the WordPress dashboard and load the page with detailed information for “login limiting options.”

  • You can set, change, or change the current options to block invalid users from the WordPress dashboard.
  • For example, when observing failed logins, you can change the number of attempts WordPress should count. You can also change the time WordPress measures across multiple invalid attempts. After you’ve made the required changes, you’re all set.
  • At the end, save changes and exit.

Professional Tips

Tip 1: To avoid limited login failures and lockout issues, always have access to the admin email.

Tip 2: If you’ve changed the link for the WordPress Login page, you may experience extra issues when dealing with lockout situations. You can temporarily turn off the plugin responsible for the mentioned case by enabling WordFence from cPanel.

Tip 3: If you’re using a different plugin for WordPress limit logins, other than WordFence – you’ll need to find the respective directory in the hosting cPanel File Manager.

Tip 4: If you’re migrating your site from one host to another, make sure you’ve temporarily turned off the WordPress limit login feature. The said option creates more problems when dealing with site migrations, period.

Tip 5: If you can maintain WordPress correct login, setting tight mechanisms for limit logins helps users block brute force attacks. In this case, you can set the option To lock invalid usernames after the second failed attempt. You can also choose when invalid users are locked out of the WordPress dashboard, such as 12 hours. The feature is designed to help users avoid brute-force attacks on WordPress login portals.

Tip 6: WordPress sites with redirection after a user has logged in successfully may experience more problems when recovering from lockout issues. For example, if the site redirects to a different page or directory in WordPress, the redirect chain may implement a lockout scenario again. So, in this case, you should have adequately understood how your site is configured and acted accordingly.

wp tech support

Over to You

This article teaches you how to recover a site from lockout status. In this case, the admin or a general user is locked out of the WordPress dashboard.

The problem is fixed only if the site’s admin is in action. For example, you should have admin privileges to access the web hosting cPanel File Manager.

For more information on recovering from WordPress lockout issues, ask us for more details or chat with our live agents.

Leave a Reply

Comment policy: We value comments and the time that visitors to our blog spend to give feedback. Please note that all comments are manually moderated and any deemed to be spam or promotional will be deleted.