Admin access blocked, shows several different errors

  • Resolved B. Edmun

    (@medmancreative)


    6 days, 22 hours ago

    After my site was updated to WP6.9, none of the four Admins can log in to the dashboard. Users with “customer” profiles are not affected and can log in. I do have WordPress access via the hosting portal for one admin user, so we are not completely locked out, but we need multiple admins to have concurrent access to process orders.

    We each are receiving various errors, including:
    – Invalid login details (most frequent)
    – An error in the authentication has occurred. Please Try Again. (2nd most frequent)
    – The password you entered for the email address —@—-.com is incorrect. (not true, password hadn’t changed)
    – Your access has been denied due to too many failed login attempts. (once, but regained access after timeout)

    We have tried:
    • Cleared all browser caches repeatedly, used different browsers in private tabs, multiple computers, and IP address locations
    • Renamed the WF plugin folder via file manager and disabled Wordfence via the WP dashboard. Result: same error
    • Turned off all plugins: Result: bad things happen, but still no login
    • Changed user site role from admin to customer. Result: same error, although the previously existing ‘customer’ level in-house test user can log in.
    • Added 2FA to one admin user with Authenticator app: Result: same error
    • Removed 2FA from the same admin user: Result: same error
    • Disabled all caching, security, and captcha plugins. Result: same error
    • Updated all but two plugins to the latest versions (functioning on expired license, so can’t update)
    • Changed admin password via myPHPadmin. Result: same error
    • Several ‘fixes’ from various sites: Result: same error

    Server and WordPress info
    • WordPress 6.9
    • PHP 8.3.6

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support wfpeter

    (@wfpeter)

    5 days, 3 hours ago

    Hi @medmancreative, I’m sorry to hear that and appreciate the amount of detail you’ve provided.

    There aren’t any cases across our customers I can immediately find that might point to a known issue affecting admin level users after the recent 6.9 update or Wordfence’s most recent update. We might be able to identify a plugin conflict or at least learn more about what’s running at the same time from seeing a diagnostic report from your site.

    You can send a diagnostic that to wftest @ wordfence . com by finding the link at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

    NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email

    Many thanks,
    Peter.

    Thread Starter B. Edmun

    (@medmancreative)

    5 days, 3 hours ago

    I have sent the report as requested. Thanks!

    Plugin Support wfpeter

    (@wfpeter)

    5 days, 1 hour ago

    Hi @medmancreative, thanks for sending that over.

    I notice the website appears to be blocked from connecting to itself, which could be linked to your issue. It’s a Wordfence block rather than a default server error or another CDN/firewall page so I might expect to see the IP on your Blocking page.

    Certainly check Wordfence > Firewall > Blocking for your server IPs being blocked in error at the moment. If you don’t know those, you can see them in the diagnostic page under, “IP(s) used by this server“.

    If they’re not there, I would look for those IPs on the Live Traffic page. You can filter the results by IP and check the reason why it was blocked after clicking the eye icon in the corner. You may find a specific firewall rule or Wordfence setting stated here after expanding the entry. The reason is shown in red text. Let us know what that reason is if it doesn’t point to something you can solve immediately yourself.

    The Live Traffic page might also be useful if you see blocks immediately after one of your admin users tries to log in. The reason why should be given there too.

    Many thanks,
    Peter.

    • This reply was modified 5 days, 1 hour ago by wfpeter. Reason: Added information to look for blocked users in Live Traffic also
    Thread Starter B. Edmun

    (@medmancreative)

    4 days, 19 hours ago

    I checked the Current Blocks and filtered for the known IP addresses of our admins.  These addresses are not in the block list. The Live Traffic view, filtered by Registered Users, shows error type as Failed Login. The first failed attempt shows up as Human, but any subsequent attempts if done in quick succession show up as Bot. 

    One of the IPs used by the server does have a block for a bot hitting https://thebeergearstore.com/wp-cron.php?doing_wp_cron

    I unblocked the IP, and the Diagnostic report no longer shows the Connectivity error in red that you pointed out. Yet, I still get a login error, “The username or password is incorrect,” even though we have not recently changed passwords.  So I went into the WP database via phpMyAdmin and cleared the passwords, reset the user_pass field with our existing passwords, then saved it as MD5. This is what finally worked.

    Thank you for your assistance. I hope this thread helps someone else in the future.

Viewing 4 replies - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.