WordPress offers an easy process of designing websites to an ease. Almost anyone who does not have much design or coding experience can build WordPress websites easily. This a great platform that lets you spend more time on building content rather than worrying about learning dedicated web designing skills. This easeness also comes with complexity when encountering errors on your WordPress websites. One such common error you may experience is You Are Not Allowed to Access This Page. This error does not let you log in to your WordPress admin section to make changes. To help you fix this issue, we bring you How to fix You Are Not Allowed to Access This Page on WP.
In Today’s post, we are going to check out why this error occurs, how to avoid such issues, and how to fix You Are Not Allowed to Access This Page on WP. Without further due, let’s get started.
Why this error occurs?
The error “You Are Not Allowed to Access This Page” simply means that whoever is trying to access the page is not allowed. If you are trying to view the page through a browser, you will be able to view it. The issue occurs when you try to get into the backend of your WordPress account or some part that requires some sort of access privilege. So by now, we know that there is some sort of permission issue that would prevent to access the WordPress admin.
By default, there are six different user roles in WordPress. The list of them is Super Admin, Administrator, Editor, Author, Contributor, and Subscriber. Each role has its own set of capabilities, that can perform respective tasks. Meaning, that a subscriber role can not accomplish tasks that of an administrator, for example deleting other users. The actual cause of the shared error is when any such error misses the role’s capability. Sometimes, the administrator himself/herself loses the ability to perform the tasks, and in return the error!
How to avoid such issues?
Before we look into how to fix the not allowed access issue, we should know how we can prevent it.
Access based security
1) The first thing is you limit the number of users that can gain access. It is not necessary to give all access to every user. Always make sure the number of users who have admin access. Which user has admin access, do they need that level of administration privileges? Talk it out with your Team if you are a multi-team website owner.
2) Keep your hosting access yourself, not all users who are in your Team need to have access to a hosting account too. Unnecessary access to hosting may lead to poor handling of the database which could hamper the default settings of WordPress.
3) Keep the plugins that are required for your website, and trash others. You don’t need to keep plugins that you don’t use for your website. Instead of installing plugins for tiny tasks, opt for a website builder plugin that completes the requirements for those. We never know which plugin is designed to put a backdoor so the minimal the better.
4) Make use of at least one Security plugin that secures your WordPress login activity. Sometimes, somehow the intruders gain access to your WordPress instance and make unnecessary changes that might endanger the login activity leaving you locked out.
5) Make a backup copy of every change that you make on your WordPress website. Let it be a design change or some settings, be sure to backup the WordPress when any change is committed. You can also make use of external backup plans that may come with your hosting plan so you don’t have to approach manual handling.
6) Keep changing the login credentials, and make a habit of changing the creds for all important admin users in the account. Set a day of every month to do so. Our job should be to secure WordPress admin at any cost!
7) Avoid logging in through the wp-admin URL or you can change the admin URL to something else. You can use hosting plans to access your WordPress website, or you can simply change the login URL so attackers do not know how to intrude, That is for the better.
How to fix “You Are Not Allowed to Access This Page” in WP
Let’s check out we can fix the issue. Below are the steps that you follow one after the other to fix the error “you Are Not Allowed to Access This Page”.
1) Disable all plugins
As a basic troubleshooting to see if this is blocked due to a security plugin, we should verify by disabling all plugins. For this, navigate to the wp installation, locate the DB that you are using through the wp-config.php file, and then opt for PHPMyAdmin. Once you are in the PHPmyadmin, you can expand the db related to your Website.
Post this, click on the options table, set the filter to 500, and search Active. You will see the row coming as active_plugins, click edit into that. Copy the entire text, paste it on Notepad just in case, and click go. Now refresh the login page and try again, if not fixed, follow the next steps.
2) Verify user_roles & db prefix
We have to verify what DB prefix we are using for our WordPress installation and then make sure the user_roles row has the same prefix as what we are using in wp-config.php. For this, you would need to go to the WordPress installation of your domain name navigate to wp-config.php, and locate the db prefix. Once you have noted the DB prefix, you want to confirm you are using it on user roles, for that please navigate to the phpmyadmin. Navigate through the Database, expand the options table, and then set the filter to 500 search user_roles, and verify it begins with the right db prefix. If that mismatches, update it. If it’s proper, then leave it as it is and move to the next steps.
3) Create an Admin user
Sometimes the user that we are trying to log in to might miss the necessary permissions. We can simply create a new admin user and then try logging in. For this, please navigate to PhpMyadmin, expand the related database, and click on the user’s table. Once you are on the Table, click Insert and fill in the details as shared in the screenshot. Once that is done, click go and navigate to usermeta table which is usually before the user’s table. Click on the usermeta table, and then click insert.
Make sure you fill the the user ID in the section that we set while creating a user. After this, call the domain name with wp-admin and try to log in using the credentials. You should be in. If not fixed, follow the next steps below.
Note: Please ensure you edit the capabilities according to your DB prefix that is present in your wp-config.php file.
4) Set user_roles to default
This step is vital and it is likely to fix your issue. Navigate to the database in question and open the options table. Set the filter to 500 and then search for user roles. Remove the existing default roles, and go to the link here on my GitHub public repository copy the code, and paste it into the user_roles. Once you have done that, click Go to update it. Once that is done, you should be good. If does not work, you can create a new user in step 3 and re-check. Again, if it is not fixed still then you can try the next step but we are sure that after updating the default roles it should work.
5) Migrate and restart
If you have tried all 4 points above, and it has not worked. It means there is only one thing left, and this is risky but if done properly it can help you a lot. This would replace all WordPress core files and move content over. We have already covered this in the blog post here, but if you want any sort of help we are here to help you. We are one email away from helping you with no charge for the first time. Please navigate to the Services page to understand what we cover.
You are not allowed errors can be very annoying. This limits you from accessing your WordPress admin dashboard to make necessary changes. If you ever caught up in such issues, you can also get help from your Hosting provider but that might come at a price. With the above approach, you should be able to get rid of this issue 100%. This concludes How to Fix you are not allowed to access this page on WP. What steps do you feel stuck in? Are you paying high charges to fix such issues? do let us know in the comments section below. If you need any help or have any suggestions to make, then do reach us via the contact page here. Happy Kisan Diwas!