Fix WordPress Login Issues

Getting locked out of your WordPress dashboard is frustrating but usually fixable. This guide covers the most common reasons you can’t log in and how to get back in.

Forgot Your Password link

The fastest fix – use WordPress’s built-in password reset.

1. Go to yourdomain.com/wp-login.php
2. Click “Lost your password?”
3. Enter your admin email address and click Get New Password
4. Check your inbox for the reset link

Not receiving the reset email? Check your spam folder. If it’s not there, your server may have email delivery issues. Use the database method below instead.

Reset Password via phpMyAdmin link

If the email reset doesn’t work, change the password directly in the database:

1. Log in to cPanel and open phpMyAdmin
2. Select your WordPress database (check wp-config.php if you’re unsure which one: look for DB_NAME)
3. Click the wp_users table (the prefix may vary – it could be wp_, wp2_, etc.)
4. Find your admin user and click Edit
5. In the user_pass field:
   • Change the Function dropdown to MD5
   • Enter your new password in the Value field
6. Click Go to save
7. Log in with your new password at yourdomain.com/wp-login.php

Login Page Redirects Back to Itself link

If the login page reloads after you enter valid credentials, it’s usually a cookie issue:

Clear Browser Cookies link

1. Clear your browser’s cookies and cache for your domain
2. Try logging in again
3. Test in an incognito/private window

Check WordPress URLs link

If the site URL is misconfigured, cookies won’t work:

1. Open wp-config.php via File Manager or SSH
2. Add these lines above the /* That's all, stop editing! */ comment:

  define('WP_HOME', 'https://yourdomain.com');
define('WP_SITEURL', 'https://yourdomain.com');
  

3. Save and try logging in again
4. Once you’re in, go to Settings > General and make sure both URLs are correct, then remove the lines from wp-config.php

Force SSL on Login link

If your site uses HTTPS but the login page loads on HTTP, add this to wp-config.php:

  define('FORCE_SSL_ADMIN', true);
  

The Login Page Returns a 404 or White Screen link

This usually means .htaccess is broken or corrupted:

1. Connect via SSH or File Manager
2. Rename .htaccess to .htaccess_backup:

     mv .htaccess .htaccess_backup
     

3. Create a fresh .htaccess with default WordPress rules:

     cat > .htaccess << 'EOF'
   # BEGIN WordPress
   <IfModule mod_rewrite.c>
   RewriteEngine On
   RewriteBase /
   RewriteRule ^index\.php$ - [L]
   RewriteCond %{REQUEST_FILENAME} !-f
   RewriteCond %{REQUEST_FILENAME} !-d
   RewriteRule . /index.php [L]
   </IfModule>
   # END WordPress
   EOF
     

4. Try accessing wp-login.php again
5. If it works, go to Settings > Permalinks and click Save to regenerate the .htaccess properly

“Too Many Redirects” Error link

This is a redirect loop. Fix it by:

1. Clearing your browser cookies for the domain
2. Checking for conflicting .htaccess redirect rules
3. Adding this to wp-config.php temporarily:

  define('WP_HOME', 'https://yourdomain.com');
define('WP_SITEURL', 'https://yourdomain.com');
  

4. If you’re behind Cloudflare, make sure SSL mode is set to Full (Strict), not Flexible

Locked Out by a Security Plugin link

If a security plugin (Wordfence, Sucuri, iThemes Security) locked you out:

1. Connect via SSH or File Manager
2. Navigate to wp-content/plugins/
3. Rename the security plugin’s folder:

     mv wp-content/plugins/wordfence wp-content/plugins/wordfence_disabled
     

4. Log in to WordPress
5. Rename the folder back and reconfigure the plugin’s settings

“Cookies Are Blocked” Error link

WordPress shows this when it can’t set login cookies:

• Make sure cookies are enabled in your browser
• Check that your domain isn’t blocked by browser extensions (ad blockers, privacy extensions)
• Verify that wp-config.php has the correct COOKIE_DOMAIN:

  define('COOKIE_DOMAIN', 'yourdomain.com');
  

Last Resort: Create a New Admin via MySQL link

If nothing else works, create a brand new admin account directly in the database:

1. Open phpMyAdmin in cPanel
2. Click the SQL tab
3. Run this query (replace the placeholder values):

  INSERT INTO wp_users (user_login, user_pass, user_nicename, user_email, user_registered, user_status)
VALUES ('newadmin', MD5('YourNewPassword123!'), 'newadmin', 'you@email.com', NOW(), '0');

INSERT INTO wp_usermeta (user_id, meta_key, meta_value)
VALUES (LAST_INSERT_ID(), 'wp_capabilities', 'a:1:{s:13:"administrator";s:1:"1";}');

INSERT INTO wp_usermeta (user_id, meta_key, meta_value)
VALUES (LAST_INSERT_ID(), 'wp_user_level', '10');
  

4. Log in with newadmin / YourNewPassword123!
5. Change the password immediately after logging in

Related Articles link

• Fix the WordPress Redirect Loop
• Fix the WordPress White Screen of Death
• Securing Your WordPress Site
• Contact GoZen Support - if you still cannot access your WordPress admin