I have had a one-click Wordpress droplet running for about a year without issue. Overnight something has gone wrong and I cannot access wp-admin anymore.
The front end and non admin accounts work fine https://3d.plus/
However, anything in the admin areas I get:
Forbidden You don’t have permission to access this resource.
Apache/2.4.41 (Ubuntu) Server at 3d.plus Port 443
I have tried removing the .htaccess file, this does not help and wordpress generates a new one instantly on website load.
I disabled all plugins by changing the plugins folder name, the site looks awful but no change to access
I also disabled all plugins and then removed the .htaccess file incase a specific plugin was writing a problematic rule, still no luck
If I access the error log after trying to access the admin area I get:
[access_compat:error] [pid 1332] [client MYIPADDRESS] AH01797: client denied by server configuration: /var/www/html/wp-admin/index.php
I also then, following some research, used this command to ensure file/folder ownership
sudo chown -R www-data:www-data /var/www/html/wp-admin
The only other thing that did happen last night which was unusual is that I got 3 spam account registrations on the website. All using 1 minute email type services and resetting their password almost instantly but nothing else.
I’d like to think this is coincidence but worth noting. I use google 2FA on admin login for added security and have not observed any other issues that would make me suspicious. My admin account is still able to login on the front end as normal too.
So following all of this I am running out of ideas and places to turn. Any help or suggestions would be greatly appreciated.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hello all,
Usually, when you get such an error, there are 3 main things to check.
Check if your permissions are correct. Usually, they are 755 for folders and 644 for files
Check if your file ownership is correct. It should be one that Apache2/Nginx can read
Make sure there aren’t any firewall rules that are preventing you from loading the website.
Once you exclude all of the above, you can check if your domain is pinging from the proper place or your .htaccess(if using Apache2) is configured properly.
Hi there,
In addition to what you’ve tried already, there are a few things you can try to troubleshoot this issue:
Check the permissions on the
wp-admin directory
and its contents. Make sure that the web server user (usuallywww-data
on Ubuntu) has the necessary permissions to access the files in this directory. You can use thechown
command to change the ownership of thewp-admin
directory and its contents, as you mentioned.Check your WordPress configuration. Make sure that the
WP_DEBUG
constant is set to false in yourwp-config.php
file, and that theDISALLOW_FILE_EDIT
constant is not set to true.Check for any
.htaccess
files inside thewp-admin
directory itselfBest,
Bobby