Have you used iThemes Security to hide the login area of your WordPress website, and then been locked out?
Don’t worry, we’ve all been there (well, probably all iThemes users).
One thing you can do to fix this is check out the .htaccess file via FTP.
FTP into your website.
- In the top-level, you should find an .htaccess file.
- Right click on that file and make a duplicate (either copy and paste in the same directory with a different name, or download a copy, or whatever you find best). You should definitely not proceed without making a backup of this file.
- Open the htaccess file (not the backup) with your text editor.
- Look for this section:
# BEGIN Hide Backend # Rules to hide the dashboard
- In that section, you might see something like this:
RewriteRule ^(/)?your_new_login/?$ /wp-login.php [QSA,L]
- In a browser window, you can copy the “your_new_login” string and affix it after your domain name.
Modifying this htaccess file – even mistakenly adding an extra space in the wrong area – can definitely break your website. Please be careful; this is why making a copy of the file is critical.
If you’ve hidden your login URL using iThemes Security, then these steps will get you back to your login screen. Sometimes, it is just a simple matter of forgetting what the new login URL is, or leaving off a trailing slash, or something simple like that. Finding this code string in your htacess file will help resolve those matters.
If this works, then you can go ahead and delete your htaccess backup file.
If it does not work, then there is another reason for your inability to login. You’ll have to keep troubleshooting to determine what that other reason may be.