Learn More About WordPress Login Page

November 18, 2019 by Cusmin | Reading time: 8 minutes

Like any other CMS (Content Management System) that is used for web site content management, require an administrator to log in, WordPress also has a page that prompts the user to input credentials. To log in to the WordPress admin panel, the first step you will take is to navigate to the WordPress login page.

TABLE OF CONTENTS

An overview of WordPress and CMS in general
- How To Log in To WordPress?
- WordPress Login Page Security
Common Login Problems
Conclusion

An overview of WordPress and CMS in general

If you have a web site, you will need a way to add content to it. Almost every site has some kind of CMS that will be used for adding content to your site. Why am I saying almost every? That’s because for some simple web site you will not need a CMS and all you can have are static pages created in HTML or some back-end scripting language like PHP, Java, ASP, etc that will, in the end, generate an HTML page for your browser.

WordPress is CMS and that’s basically consisted of two parts: public-facing web site, and private administration panel or admin panel. Admin panel is used for content management, so you can easily add or manage content on your web site. Today WordPress way more than just a content manager, and you can do much more with it like manage users, sites, settings or install third-party additions called plugins.

In order to access to WordPress administration panel, you will need some kind of authentication window or form where you can pass in your credentials and log in. WordPress has a page to do that and we will refer to it as WordPress login page.

How To Log in To WordPress?

There are many ways to access your WordPress login page and we will show you a couple of them. Let’s say that your website is on this web address www.example.com. If you have installed WordPress in the root directory, to access login page you should go to some of the following addresses:

https://www.example.com/wp-login.php
https://www.example.com/wp-login
https://www.example.com/login

or try to directly access to the WordPress admin panel. You will be redirected to the Login page.

https://www.example.com/admin
https://www.example.com/wp-admin

Choose your favorite and you can always access your WordPress admin panel by typing it in the address bar

If you have installed WordPress in a directory, for example: ‘blog’, your Login page should be on this address:

https://www.example.com/blog/wp-login.php

On subdomains, this URI will look like this:

https://subdomain.example.com/wp-login.php

The login screen has some additional options:

Register: If registration option is enabled, anyone can register to the blog simply by clicking this option
Lost your password?: This option helps you if you can’t log in with your credentials, in case you forgot your password or even email address or login name. You just need to know your email address or login name.
Back to blog: This link returns you to the home page of your blog
Remember me: This option lets you save your credentials to the browser’s cookie, so the next time you don’t have to log in again. How long this will last, depends on your cookies settings. Do this only on your personal computer, so no one else could access your account.

WordPress Login Page Security

It’s always a good idea to use SSL for everything on your site. To make sure it’s correctly configured on your site, try accessing the site using HTTPS protocol. If no errors are shown and you can see https://example.com… in address bar, congratulations! Your site has SSL correctly configured.

This is highly recommended to have when you are trying to log in on your Login page.

Why is this so important? When using the HTTP protocol, traffic between the server where your site is hosted and your browser is not encrypted. When you type in your credentials and submit the login form, an HTTP request is sent to the server as plain text. If anyone sees that message, they can easily find out your credentials and use your site.

What if I don’t have SSL installed on my site?

Check if you have access to shared SSL: Some hosting providers give you shared SSL that can be used in such cases. When using shared SSL, instead of using https://example.com/wp-login, you will use something like:

https://server12.examplehostingprovider.com/ accountname/wp-login

It’s not pretty but it’s useful, at least to log in to your admin panel. Check this with your hosting provider.

Avoid connecting to WordPress admin panel from untrusted networks: Let’s say you are connecting to free WiFi from your favorite coffee shop using your mobile device or laptop. This type of connection cannot be trusted, because anyone can access it and potentially hack your account. Use it at your own risk.
Buy an SSL: This is highly recommended if you have any sensitive data on your web site or blog.
Back up web site data as often as possible: Check if your hosting provider gives you an automatic backup feature. This will make backups on a regular basis and you will be able to restore your web site in case of serious login problems or in case your web site is hacked. You could also use an old computer for backups, and turn it into a file server if you haven't already sold it.

Common Login Problems

Sometimes you just can’t log in to the WordPress admin panel even though you think you have the right credentials. It’s always better to check other solutions before trying to reset your password for the 10th time.

Here is the list of possible solutions that you may try:

Check the Case of Your Password

WordPress Password is case sensitive, so it’s important to match the exact cause of your original password. Make your that your Caps Lock key is not turned on.

Redirecting – Are You On the Right Site?

You may be redirected to the wrong site, especially if you use a multisite environment, or if there are any recent changed in your .htaccess file. Check that you are on the right site by looking at the address bar URI. If you’re redirected to some other site and you’re unable to access your original site, it could be something wrong with your .htaccess file. Connect via FTP and temporary rename .htaccess file to anything else and see if that worked out.

Check the Cookies

Make sure you have enabled cookies in your browser. Clear the cookies and clear the cache. Very often this simple trick does help.

Disable Plugins

Plugins can access and modify your Login page, and some of them do that. Connect to your site via FTP and remove the plugins you think could be causing this problem. You can find plugins in folder:

/wp-content/plugins/

Disable Your Current Theme

Your theme could break sometimes and cause login problems. To make sure that’s not the case, connect to your site via FTP, and navigate to folder:

/wp-content/themes/[your-theme-name]

Rename your theme folder to something else. WordPress will not recognize your theme after that and will use its default theme that should work. Try to log in again. If this does not help, rename your theme’s folder back to its original name.

Check Browser’s Console Logs

In some cases, you can find useful information in the browser’s console, if the problem is somewhere in front end scripts like JavaScript. Open the browser’s console and check for any errors. If there are any errors, there could be a path to the script that fails. That can be a good indicator to find out what plugin failed.

For example

https://example.com/wp-content/plugins/plugin-example/script.js (234)

This indicates that the plugin example failed, and we should delete it and try to log in after that. It would be good to report this issue to the plugin’s support page on WordPress.org in order to fix the cause of the problem.

To open console use F12 for Windows, Command + Option + I for Mac.

Corrupted wp-login.php file

If you’re transferring your files via FTP, transfer problems could occur and your files may become corrupted. If you think this could be the case, try re-uploading a wp-login.php file. Make sure to delete or rename your original file before uploading a new one.

Try Resetting your Password

If you have simply forgotten your password, this is the simplest method to get back your login credentials.

Change your Password Directly in Database

If you have access to your database, you can find your user in the table: wp-users. In the column, user_pass replace the existing password with your new one. Before inserting your new password you should encrypt it using the MD5 algorithm. PHP function for this is md5, but you could also use an online MD5 encryptor tool for that (google for something like \"online md5 encrypt\").

Check your Firewall Settings

In some cases, firewall settings may block you for accessing WordPress

Conclusion

WordPress login page is a very important part of the CMS and you should make sure that your users can always access it and that is well protected against attackers.

Comments