Solved Cant log into Wordpress Admin after reinstalling a vps server with DirectAdmin

[Johnws2022]

Dear All,

It is very strange I have not been able to log into my WP Admin today; I have Re-installed my vps server with latest DirectAdmin about two weeks ago - my website works very well.

I have tried to use my older backup even before reinstalling the above server, but still cant have access to WP Admin; the front end websites work as normallly.

I have also tried to reset WP password via phpMyAdmin as well; still cant get access to WP Admin.

There is no error at all; just does not go into WP dashboard and it stays on Login page.

I have also updated PHP Settings in DirectAdmin control panel as follows:

upload_max_filesize: 64M
post_max_size: 128M
memory_limit: 512M
max_input_var: 5000


Still no luck. This could be an attack by a hacker?

I very appreciate your help.

Cheers

 

[Active8]

Ok stupid question but: did you tried to reset your password ?
I assume you have access to your SQL so even an password reset fails you can reset it from there

try also clean your browser cache

 

[Johnws2022]

Ok stupid question but: did you tried to reset your password ?
I assume you have access to your SQL so even an password reset fails you can reset it from there

try also clean your browser cache

Thank you for your support.

I have tried both: reset password via phpMyAdmin in SQL, and clear browsers' caches and used different browsers.

The website worked well until today. This is very strange.

May be it is caused by Malware?

Cheers

 

[Active8]

1. Any WAF / Firewall (plugin) active ?, try to disable them
2. Permissions on files/ directory's are correct ? (use the permission script from DA)

 

[Ohm J]

we don't know the problem cause, try enable debugging mode and view error log.

 

[Johnws2022]

1. Any WAF / Firewall (plugin) active ?, try to disable them
2. Permissions on files/ directory's are correct ? (use the permission script from DA)

There is no firewall installed or set. Permissions on folders are:

wp-admin: 777
wp-content: 777

Are they correct?

 

[Johnws2022]

After I inserted the followings into wp-config.php:

define( 'WP_DEBUG', true );
define( 'WP_DEBUG_DISPLAY', true );
define( 'WP_DEBUG_LOG', true );
define( 'SCRIPT_DEBUG', true );

I got errors below:

The page isn’t redirecting properly

An error occurred during a connection to www.mydomain.com.

This problem can sometimes be caused by disabling or refusing to accept cookies.

 

[Richard G]

Are they correct?

Most certainly not.
Depends on what php mode you use. But if you use mod_php than this could be the case, however in that case you should use mod_ruid2 for protection.
When using php-fpm normally 777 is almost never needed anymore.
They should just be 755.

The page isn’t redirecting properly

That may point to some issue in the .htaccess file.

 

[ericosman]

Did you also change domain?

 

[Johnws2022]

Did you also change domain?

no. My best bet is reinstalling vps server.

Thanks

 

[Johnws2022]

Most certainly not.
Depends on what php mode you use. But if you use mod_php than this could be the case, however in that case you should use mod_ruid2 for protection.
When using php-fpm normally 777 is almost never needed anymore.
They should just be 755.


That may point to some issue in the .htaccess file.

Thanks. It could be, but even older backup got the same login issue. I think it is something to do with a malware installed by hackers on my vps server. I ll reinstall it shortly.

 

[Richard G]

I ll reinstall it shortly.

That might be the best option.
Be sure to find out how they got in on your system, so you can prevent it from happening after the reinstall.

 

[Johnws2022]

That might be the best option.
Be sure to find out how they got in on your system, so you can prevent it from happening after the reinstall.

My website has too many enemies!

 

[ericosman]

My website has too many enemies!

In that case you have too less security ;-)

 

[johannes]

My website has too many enemies!

No enemies, no honor!

 

[Johnws2022]

In that case you have too less security ;-)

That is not true. I am still fixing the login issue and found out the errors come from two great security plugins!

 

[Johnws2022]

FIXED:

1. Issue with Wordfence plugin after reinstalling a vps server or migrating to a new server. Here is that error:

Unknown: Failed opening required '/home/admin/domains/mydomain.com/public_html/wordfence-waf.php' (include_path='.:/usr/local/php74/lib/php') in Unknown on line 0

To fix the above error, comment out this line in .user.ini located in Root directory:

; auto_prepend_file = '/home/admin/domains/khmerads.co/public_html/wordfence-waf.php'

-After logging into WP Admin, there need to reconfigure Wordfence plugin; please check this guide (I have not done yet):

Optimizing The Firewall - Wordfence

The Wordfence firewall has a feature that allows the firewall to be loaded before any other code loads. This provides the highest level of protection and we refer to this as "Extended Protection". In order to get Extended Protection, you have to go through a short configuration procedure.

www.wordfence.com

2. Bigger issue with Hide My WP plugin and it is out of my knowledge - I have to deactivate it via FTP; the plugin developer is still fixing.


Therefore the login issue after re-installing a vps server or migrating to a new server is caused by both Security plugins mentioned above.

Many thanks for this great community.

Cheers

 

[Richard G]

Good to know, we can keep this in mind if it happens again with somebody.
Thank you for reporting the solution.

 

[Active8]

1. Any WAF / Firewall (plugin) active ?, try to disable them

Yep that was my first solution when I saw your problem

Glad you have solved your problem

 

[Richard G]

Yep that was my first solution when I saw your problem

No your 2nd... post 4. Your first was in post 2. ?
Just having fun.
You were quite correct in that suggestion.