Login to wordpress admin. Wordpress admin. How to login to Wordpress admin area? How to reset your wordpress admin password? You saved your changes, but they are not visible
The WordPress admin panel or the administrative part of the WordPress site is designed to manage the content of the site: editing articles, changing themes, placing widgets, managing media files, editing the site code, including the CSS appearance.
WordPress Admin - Login
All WordPress user groups, except for subscribers, can be included in the site's admin panel. True, each user group has its own permissions for editing content.
However, even an administrator cannot log into the WordPress admin area without a username and password. Administrator login and password, set when . There, it's worth remembering.
WordPress admin login address
The URL to enter the insecure admin area of the site is as follows:
- http://your_site.ru/wp-login.php or
- http://your_site.ru/wp-admin/
How to get into the admin area from the site
To get to the administrative part of the site from its front part, you need to place the Meta widget on the site. It has four links: Login, Register, Post RSS, Comment RSS, WordPress link. The last three links can be removed. Read: .
If you forgot your password and login to the WordPress admin panel, it's unpleasant, but not fatal. There are several options to restore them.
How to reset your admin password
To recover the administrator password for logging into the admin panel, you can use one of the three recommended methods. Read about them in the article:.
How to remember administrator login
How to change your WordPress admin password
If you are logged into the admin panel and want to change your administrator password, go to the Users →Your profile tab. In the lines: "New password" and "Repeat New Password”, change the password to enter the admin panel. old password remove from the browser's password cache.
Logging into the WordPress admin area using your WordPress.com account
You can make it easier to log in to your site's admin panel by syncing your site account with your WordPress.com accounts. You can use . The 33 features of the Jetpack plugin include an authorization module, through a WordPress.com account.
WordPress admin Login How to protect your WordPress admin from being hacked
WordPress security plugins
Install one of the wordpress security plugins on your system. Almost, in all plugins of this type, there is a module to protect the admin panel from unauthorized entry. The admin panel is protected in different ways: the number of incorrect login attempts is limited, the login address to the admin panel is changed and / or encrypted, etc. Read more in the articles:
Let's take a look at the content of the WordPress admin area.
What is included in the wordpress admin
Customizing the appearance of the WordPress admin
The settings for the appearance of the admin panel are located at the top of the page on the exit screen. It is called "Screen Settings" and is present on each tab of the admin panel, with its own settings elements.
Let's see how it changes appearance admin panel on the example of the Console - home page admins.
WordPress admin Open the "Screen Settings" and tick the checkboxes in the required boxes. The checked console modules appear on the console page. Everything is simple. The number of modules will increase as new plugins are installed.
Conclusion
WordPress admin design changes over time. Recently, new color schemes have been added (they are on the User-Your Profile tab), but fundamentally it remains unchanged. This is the left panel of the console and the top technical menu.
The WordPress admin area is the administrative part of the site, where all the site settings are located. By default, the WordPress admin login is located at .../wp-login.php . The admin panel itself is located at .../wp-admin/ .
The admin panel is the most important part of the site. If a hacker gains access to the admin panel, he can do whatever he wants with the site. It will likely change the admin password or create a new admin and delete the old one. Therefore, the entrance to the WordPress admin area should be well protected.
There are several ways to get into the WordPress admin area:
- Via wp-login.php
- Via xmlrpc.php
- Via admin email
- Through hosting
- Through the database
In this article, you will learn all the basic ways to protect the WordPress admin from hacking and several ways to log into the admin if password recovery does not work, or if a hacker has taken control of the site.
Admin login via wp-login.php
Each registered user has access to the admin panel. Each user is assigned a role upon registration, which determines what the user can or cannot do. By default, there are 5 roles in WordPress:
- Administrator
- Editor
- Author
- Participant
- Subscriber
Some plugins add new roles, for example WooCommerce creates Customer and Store Manager roles, Yoast SEO plugin creates SEO Editor and SEO Manager roles. You can add new roles manually or with plugins and give them the right permissions.
The administrator has full access to all settings in the admin menu. Other users have less rights to manage the admin panel. Subscribers have the most limited rights, they only have access to their profile on the site.
Despite the fact that the subscriber has minimal rights in the admin panel, use complex logins and passwords for subscribers and all other users on the site.
Use a complex username and password
When installing WordPress, the site administrator is given a name admin default.
Login admin- the first one that is tried by hackers when trying to guess the login and password to the site. Hackers use bots that automatically crawl thousands of sites and use lists of popular usernames and passwords that are freely available.
Don't use names admin, administrator, test, demo, site domain and similar as a login. Also don't use simple/common passwords qwerty, password, 12345 , 1q2w3e, yutsuken and so on.
WordPress has a built-in password generator. Navigate Users — Your profile — Account Management.
You can store passwords in a password store like lastpass.com or a browser, or create your own complex password like I have a poodle dog who was born in 2018: UmespP,krv2018.
Disable errors
Login correct, password incorrect
When the hacker finds the correct login, he will only have to guess the password. In order not to give a hint to a hacker, change the message to a neutral one, for example, The login or password you entered is incorrect.
Change the address of the WordPress admin login page
To make it harder for hackers to guess your login and password, move the login page from the standard.../wp-login.php to something unique, like.../entry-page .
Before they start cracking passwords, they will have to find a page where they can do it.
Limit the number of failed login attempts
By default, WordPress does not limit the number of failed login attempts, and a hacker can try as many login and password combinations as he wants.
First, it is dangerous because there is some chance that the hacker will eventually find the right combination and enter the site. Secondly, repeated attempts to enter the site consume server resources, especially if they are performed automatically by hackbots.
To limit the danger and reduce the load on the server, set the limit for failed authorization attempts. This can be done with specific plugins like Limit Login Attempts Reloaded or Login LockDown , or with large security plugins that have this feature among others like Wordfence or All In One WP Security & Firewall .
Add two-factor authentication or additional questions
Two-factor authentication is identification through a username and password, plus additional identification through a smartphone or e-mail. To enable dual authorization, there is free plugins, such as Google Two-Factor Authentication , Google Authenticator or Duo Two-Factor Authentication .
Quite an interesting two-factor authentication plugin UNLOQ Two Factor Authentication (2FA):
For it to work, you need to install the application on your smartphone, after which push notifications will be sent to it, in which you can allow or deny access. You can set up login only by push notifications or together with a one-time code on a smartphone or e-mail.
A simplified version of this idea is additional questions on the authorization page. Install the WP Security Questions plugin:
Additional questions on the authorization page
Set a password for the login page
Another thing you can do to make the login page more secure is to set a password for it.
Password to access the page
To do this, you need to create a file with passwords and add the code to . .
Login to the admin panel through xmlrpc.php
Xmlrpc.php is another entry to the admin panel, but for robots. This is the API that is used to access the site through the WordPress mobile app, for trackbacks and pingbacks, and is used by the Jetpack plugin. XML-RPC is also used by hackbots for brute-force attacks with logins and passwords.
Instead of trying to pick up a username and password on a regular login page, where you can set a limit on the number of login attempts, the bot can try an unlimited number of combinations through the xml-rpc interface.
If you are not using mobile application, trackbacks and pingbacks, or the Jetpack plugin, you can disable this interface. This will reduce the likelihood of hacking and save server resources, because bots automatically try thousands of login and password combinations.
If you use any of these, then leave this feature enabled or partially enabled, and use a complex login and password.
Access to the admin panel through the administrator's mail
An attacker can come to the password recovery page and request a password reset via email.
If an attacker knows what email address the administrator account is registered to, and you use a weak password for this mailbox, then a hacker can guess the password for it.
The hacker will request a password reset, go to your mailbox, change the password of the administrator account on the site, go to the site, create a new administrator and delete the old administrator.
To prevent this from happening, use a complex password for your mailbox.
Access to the admin panel via hosting or FTP
The hosting has access to the site files through the file manager. By adding scripts to files, a hacker can enter the site. It is called .
In addition to access to files on the hosting, there is access to the database. In the database, a hacker can change the administrator password and enter the site.
Read the next section on how to edit an admin account to take back control of an admin account.
Always use strong passwords for hosting and FTP.
Access to the admin panel through the database
The database contains the accounts of all site users. If a hacker gets into the database, he can change the administrator entry, or add a new one.
The database can be accessed from the hosting panel or via FTP. To connect to a database, you need data from a file :
entry define('DB_HOST', 'localhost'); means that you can only connect to the database from the local server.
Transfer wp-config.php up one level and give it permissions 400 or 440, depending on the server settings.
Use a complex login and password to connect the database.
Part 2. How to log into the WordPress admin panel
If you can't login to the admin panel, try resetting your password via email.
Recover admin password via email
- your-site.ru/wp-login.php)
- Click link Forgot your password?
- Enter administrator email address
- Click Get a new password
If the letter does not arrive in the mailbox, check in the folder Spam. The problem may be that your Post service does not miss a letter from a suspicious address. Or that your site has been hacked.
The next method is to try changing the admin password on the database.
Change the admin password in the database
Go to the hosting, open the database and find the user table wp_users(or ). Open the user table and go to the administrator account.
In the administrator account, change the password and try to access the site with the new password:
Change database admin email
If this method doesn't work, try changing the admin email in the database.
In this method, you will change the admin email and request a password reset to the new email on the password reset page.
Log in to the hosting, open the database, open the administrator account and change the e-mail to a new one:
Return to the site and request password recovery:
- Go to the login page (by default your-site.ru/wp-login.php)
- Click link Forgot your password?
- Enter a new admin email address
- Click Get a new password
A message with a link to change the password should be sent to the new e-mail. If the message does not arrive, check in the folder Spam.
How to change WordPress admin password without database access
If you don't have access to the database, but you do have access to the site's files via FTP or hosting, you can try adding a script that will change the admin password in the database.
Add script to folder /wp-content/mu-plugins/. The script will reset Current Password administrator and replace it with a new one.
Another way to get into the WordPress admin panel is to create a new administrator.
How to create a new WordPress administrator without access to the admin panel and database
If you do not have access to the database and none of the previous methods helped you, try adding the script to the file .
This script will create another admin account. You will log into the site in the new administrator account, and delete the other administrator account.
Another way to create an admin is to add a script to the /wp-content/mu-plugins/ folder.
Go to the site and delete the old administrator account/s.
Bonus. How to change the image on the login page
You can change the standard image on the admin login page to your own using the script in the file functions.php.
Add this code:
Specify the path to the image on line 5. Replace the sizes with your own on lines 6-11, or add your own css.
The WordPress admin panel is a secure section of the site. In it, the webmaster works with the content of the resource - adds new pages, uploads media files, edits the code, installs and configures plugins. Webmasters get access to the admin panel of the site after installing the CMS - a combination of login and password, a link to enter the console are sent to the specified mail. The site owner can add new users by creating accounts for them and defining roles - administrator, editor, author, seo specialist. This feature makes it easier to work on a large-scale resource.
If you just installed CMS WordPress and do not know what to do next, I suggest you study this guide. You will learn how to enter the admin panel and configure it, what errors sometimes make it impossible to log in to the console, and what to do to protect the site from hacking.
To enter the WordPress admin panel, type in the link in the address bar http://yoursite/wp-login.php or http://yoursite/wp-admin/, where instead of "your_site" - Domain name(address) of your website.A page with a login form for the admin panel will open. Enter your login and password into the form fields, which you received by email after installing the CMS, and click on the "Login" button.
In it you can add new pages of the site, edit texts, change the template, add new css etc. The console interface is clear and simple, thanks to a logical structure. Even if you have never worked with WordPress CMS before, you can understand the main functions in 2-3 days without reading user manuals.
Why can't I login to admin?
Problem #1: Wrong URL entered to login to the admin panel
Most often, users incorrectly enter the link to enter the admin panel. The page cannot be opened due to an incorrectly spelled protocol - for example, https instead of http, - the domain name of the site, or extra characters in the link. By clicking on the link, you will see "Unable to load page" or a similar picture.
Solution:check if the URL is correct. Use to enter the admin panel links like http://your_site/wp-login.php or http://your_site/wp-admin/.
Problem number 2: the login or password is incorrect
Due to errors made when entering a login or password, it will not be possible to enter the admin panel. The system will display a warning and prompt you to follow the link to restore access.
Solution:find in the CMS specified during installation e-mail box email with login details. If you deleted it, follow the link "Forgot your password?" and follow the instructions to restore access to your account.
Problem #3: cache and cookies
Disabled cookies can become a problem when logging into the admin area. Just like a non-updated browser cache.
Solution:check if cookies are enabled in your browser settings, clear cache and cookies. After that, try to log in to the admin panel again.
Problem #4: The wp-login.php file is corrupted
If the wp-login.php file, which is intended for authorization in the CMS, is damaged, deleted or moved to another folder, you will not be able to enter the administrative panel. In this case, the page with the authorization form does not even open.
Solution:replace the wp-login.php file with a new one, but before that make a backup. To do this, log in to the hosting control panel, find the "Hosting backups" section in the menu and follow the instructions provided by the hosting. Most often, the backup will be created automatically.
When the system saves the data, you will receive a letter with the archive to the mail specified during registration.
To download latest version CMS WordPress, where there was no error, just select the desired backup.If the login problem was in the wp-login.php file, then after such changes you will be able to log into the admin panel.
Problem #5: Installed theme update is incompatible with your version of WordPress
Sometimes Latest updates themes are incompatible with installed version WordPress. This conflict can also cause login problems.
Solution:rollback to standard theme default might solve the problem. Go to folder wp-content/themes, rename the theme folder and try to log in again in the admin panel. If the problem with the login was caused by a theme update, then after making the changes, you will easily log into the console.
How to change the administrator password
There are three ways to change the password for entering the WordPress admin panel - through the password recovery form, through phpMyAdmin, and also in the console settings after authorization. The easiest way is to request a new password on the admin login page. We have already briefly considered it above - you just need to click on the link "Forgot your password?" and follow the CMS instructions.
phpMyAdmin
Another way to change your password without logging into the admin panel is with phpMyAdmin. To do this, you will have to log in to the hosting control panel, click on the "MySQL Management" section and click on "phpMyAdmin Editor". An authorization form will open in a new tab, in which you need to drive in a username and password.
In the menu on the left, find the wp_users folder, double-click on it, select the user for which you want to change the password. Double click on the user_pass field and set a new password. Save your changes.
In control panel
Scroll down the page and find the "Account Management" section and click on the "Create Password" button.
Enter a new password in the field that opens and save the changes.
To make it more convenient to work with the content of the site, customize the appearance of the administrative panel. Edit main screen console by clicking on the "Screen Settings" button and unchecking the boxes you want to hide.
All changes are displayed in real time. The positions of the blocks on the main screen can be easily changed - just drag them to the right place.
Go to the "Users - Your profile" section.
Choose the color scheme you like, change the language if necessary, check the box next to the "Hot keys" item to speed up the work with content in the editor. Save the changes by clicking the "Update profile" button.
In the pop-up "Help" section, hints are hidden that make it easier to work in the WordPress admin panel.
Click on it if you are having trouble navigating the console or interpreting individual elements In chapter.
How to protect the admin panel from hacking
Any site, including yours, can be hacked. To protect your data from intruders, follow a few best practices. First, change the login page URL. To do this, you will have to rename the wp-login.php file - for example, to 123-wp.php - and then in the code editor replace all references to the old name with the new one.
Secondly, hide the admin login page. Edit the .htaccess file by pasting the following code into it:
# Hide admin URL startIn the code, instead of my_admin_url, specify the new address where the site will be available; my_secret_key replace with a complex key of numbers and Latin letters (do not forget to save it); instead ofsite.comspecify the site domain; and if you changed the URL of the login page in the filewp-login.php, change the old name to the new one.
Thirdly, do not use simple logins such as admin, user, administrator, etc. In this case, the attacker will only have to guess the password.
Fourth, set a complex login password. It has been detailed above how to do this.
Fifth, set access by IP. It should only be used if the content of the site is managed by one person.
An additional method of protection is the installation of plugins. Most often webmasters use plugins Captcha, WPS Hide Login, Login LockDown, Lock Down Admin, Hide My WP. They are easy to find in the catalog by name, install and activate.
The WordPress CMS admin panel is not as scary and incomprehensible as it might seem at first glance. Now you know how to customize the console to your needs in order to quickly and easily edit content on the site.
Default go to WordPress admin You can use any of the following links:
http://your_site/wp-admin
http://your_site/wp-login.php
A page will open with a form in which you must specify the username (administrator) and password. You entered this data at the time.
Click “Login” and if the specified user with such a password exists, then you will be taken to the WordPress admin panel (administrative part).
This is where you will spend most of your time while working with the site. Although, writing articles can and should be moved outside the admin area. Those. make it through third party program. The most popular of them Windows Live Writer. I will write about this later. Some more points can be done directly in the files, but in general, the entire process of setting up, installing plugins, etc. will take place in this administrative part.
At the beginning of the article, I wrote that the specified admin panel URLs are available by default. Those. right after WordPress installations you can access them in the admin panel. But, in the future, in order to avoid brute force attacks, it will be necessary to change the address of the admin panel and the name of the administrator. I will also write about this in one of the following articles.
I think the question “How to log into the WordPress admin area?”- Opened and did not cause any difficulties.
More and more Internet users and bloggers use this system remote administration. With the help of Worldpress, you can upload articles, video and audio files, photos. The editor also allows you to track visitors and capture their activity. The most important advantage of the system is that you can edit texts and photos without using an additional software. Enough editor tools.
Using the system
Many webmasters are well aware of a wonderful tool for quick creation and editing websites and blogs. This is the Wordpress editor. His main feature- the ability to edit text and pictures online. With a wide range of webmaster tools, the editor allows you to effortlessly create a colorful, structured and informative web page.
The scope of the editor is quite wide. It is used by site administrators and moderators. Also, the web page management system is popular with bloggers and those who work in remote mode. All you need to get started is to download and install special software. For ordinary users, it's even easier - go to start page editor of the hosting you are interested in and register. You will receive credentials, and with them the ability to create and edit your own page. That's all, the Wordpress admin panel is available. Many companies offer users hosting with Wordpress installed for hosting websites and blogs. More and more commercial organizations are installing the Wordpress content management system on their corporate pages.
Other programs for managing web pages
There are many content management systems (SMC). As an alternative to managing a web page, there is, for example, "1C-Bitrix" - a system that coordinates with the "1C-Enterprise" program. Almost all organizations have such a database, but its administration requires special knowledge. Also, this system is cumbersome, and slow, unlike Wordpress. Login to the admin panel is all you need to get started. Russian webmasters are well aware of Joolma, Amira and many other management systems. Working with them also requires special training and does not involve the connection of an ordinary user. Wordpress editor allows you to do without additional skills. Installing it is quite simple. You only need basic knowledge of the computer in order for the Wordpress admin panel to become available.
How to get access?
To understand how the system works, it is necessary to structure it. You need to understand that the program itself is installed on the server where the site is hosted. The user, opening a page with a specific address, simply connects to the system remotely. Without providing user credentials, the program will not be able to recognize you and open your blog specifically. There can be many pages edited by different bloggers. That's what identification is made in Wordpress for. Login to the admin panel does not require captcha or SMS confirmation. It is enough to enter the password.
To open the Wordpress admin panel, just enter its address in the browser. It looks like this: http://your blog/wp-login.php.
Or like this: http://your blog/wp-admin.php.
In some versions, there is such a form: http://your blog/login.
You will see a window with Wordpress, there you need to enter the username and password of the site. After that, you will find yourself in the control panel of your site. Here you can create new page or edit an existing one.
If you are a user
Installation information is more useful for administrators. intuitive to all users of standard office applications, difficulties may arise mainly with the login. Most calls to technical support are related to the fact that the Wordpress admin panel does not open. This problem occurs for beginners and for those who started working in the editor a long time ago, but forgot their credentials. There is nothing reprehensible in this, all beginners face a similar problem.
If you are an ordinary user who remotely edits your blog with Wordpress, you will not be able to log into the hosting. To remember your password, use the reminder system. To recover your password, first of all, you need to go to the editor's home page: http://your blog/wp-login.php or simply: http://your site/login. Below, under the window for entering credentials, the path will be indicated. Just click on "Forgot password". Enter your address Email left at registration. You will be sent a link to change your credentials. Follow the link to change your credentials. Memorize or write them down. Your password is valid again. That's why when registering you indicated your email address. After recovery account go back to start page and re-enter your username and password. Now you can start editing the site.
How to login as an administrator?
If you have forgotten your login details for the administration panel, you can find them out. All information is stored in a database on the hosting. If you are the site administrator at the same time, go to the control panel of the hosting hosting the editor, then in phpMyAdmin, find the wp_users table and click on the "edit" button. After that, you can safely copy the username and password to manage your site.
Have problems remained?
Even if you do everything right, problems may remain. Most of them are related to the fact that the Wordpress admin panel does not work. or a message from the host will not please those who are trying to do their job on time. Upon entering, you will see an inscription stating that it is impossible to work in the editor for one reason or another. There can be several reasons to change the WordPress admin area:
- Paid hosting may expire a subscription. In this case, you again need to get into the hosting control panel. Remember if you received any relevant warnings from the hosting company. If there is a message about the expiration of the paid period, you should renew your subscription.
- The entry says that maintenance work is being carried out, you need to wait for the end of the technical break.
- Login to the administration panel can be replaced by a hoster. This is done in the event of a virus attack or hacking of the site. You should contact technical support hosting to clarify the timing of the restoration of the site and new credentials.
- Damage to the site as a result of a virus attack, temporary suspension of its work for troubleshooting. Contact the technical support of the hoster to clarify the situation. It is possible that the hosting company itself will send an email notification of the opportunity further work in wordpress. How to enter the admin panel after troubleshooting, you already know.
There is access, but the page cannot be edited
There is one more problem - you have entered the site and the console, but you cannot edit the entry. The reason is simple - someone else is editing the same page. This can happen if you work in a team and your work is controlled by an editor. In this case, you should contact a superior employee to clarify the situation. The reason for this error is by no means Wordpress. The address of the admin panel may have the same look for everyone working on the site, but the address of your profile or article is unique and cannot be confused. The post you create can be edited either by you or by an editor with more privileges, such as a site moderator. If your content does not comply with the rules for posting information or is contrary to the law, it may be removed or edited.
You saved your changes, but they are not visible
According to user feedback, this problem is also observed in Wordpress. How to enter the admin panel is not the most difficult aspect of the work. The situation is not connected with the program itself, but with web page caching mechanisms that are widespread everywhere. After editing the picture, the changes are not reflected in the preview, and the picture retains its original appearance. One solution might be to reset your account. You will have to leave the Wordpress editor. How to enter the admin panel again, you already know.
Grand total
Today, Internet resources are actively developing and interacting with the user. Fresh news, tips, stories from personal life will regularly appear on your page. Of all the site management tools, the editor available to everyone is the most the best solution. No wonder webmasters use Wordpress so widely. How to enter the admin panel is the only thing you need to know.