I can login fine to each site, including the primary, but if I try to go to the Network Admin areas I get into a login loop. Example of what happens is below. I just can’t get past this. No error is displayed.
/wp-login.php?redirect_to=https%3A%2F%2Fmy.domain%2Fwp-admin%2Fnetwork%2Fusers.php&reauth=1
I have seen a few threads about this issue but none of them seem to have resolved the problem and those threads have been closed with no resolution posted.
I spoke to my hosts (Siteground) and they told me there was a WP update on the 30th March. They told me nothing on the error logs could provide a clue as to what is happening so they couldn’t help me. I have tried restoring, one-by-one, full backups from before this date. I have also already tried all the usual suggestions of clearing cache/cookies/using different browser etc. None of these have worked.
I have yet to try disabling all plugins and themes, as I don’t really want to impact my live sites until I have tried everything else to try to resolve this first.
If anyone can suggest anything else or has any knowledge of what happened with the previous closed threads I would be very grateful.
]]>I’ve searched around the internet and the issue seems to be related to the auth_cookie but still haven’t found a solution.
You can try yourself with credentials: demo, demo
here’s the function I’ve written to login for ajax and no ajax case and how it’s called back.
function auth_user_login_no_ajax($action,$user_login,$password,$login) {
//first clear all auth cookies
//wp_clear_auth_cookie();
//if login is called by ajax call die the function
if ( is_user_logged_in() && $action == 'ajaxlogin' ) {
$output = json_encode(array(
'loggedin'=>true,
'message'=> $login.__(' successful, redirecting...','sw-ajax-login'),
));
die($output);
return;
}
//impostazione per redirect pagina
$page_to_redirect = swal_page_to_redirect();
//get remember credentials option
$swal_login_remember_credentials = intval(get_option('swal_login_remember_credentials',SWAL_LOGIN_REMEMBER_CREDENTIALS));
$info = array();
$info['user_login'] = $user_login;
$info['user_password'] = $password;
//check if it has to remember credentials
if ($swal_login_remember_credentials == 0) {
$info['remember'] = true;
} else if ($swal_login_remember_credentials == 1) {
$info['remember'] = false;
} else if ($swal_login_remember_credentials == 2) {
if (isset($_POST['rememberme'])) {
if ($_POST['rememberme']) {
$info['remember'] = true;
} else {
$info['remember'] = false;
}
}
}
$user_signon = wp_signon( $info, false );
if ( is_wp_error($user_signon) ){
$output = json_encode(array(
'loggedin'=>false,
'message'=> __('Wrong username or password.','sw-ajax-login')
));
} else {
wp_set_auth_cookie( $user_signon->ID, $info['remember'], false);
wp_set_current_user($user_signon->ID);
$output = json_encode(array(
'loggedin'=>true,
'message'=> $login.__(' successful, redirecting...','sw-ajax-login'),
));
//if login arrive from no ajax request then redirect
if ( $action == 'login' ) {
wp_redirect( $page_to_redirect );
}
}
//if login is called by ajax call die the function
if ( $action == 'ajaxlogin' ) {
die($output);
} else if ( $action == 'login' ) {
$GLOBALS['sw_login_json'] = $output;
}
}When the function is called, i’ve shortened to make it more readable.
add_action( 'after_setup_theme', 'swal_auth_user_no_ajax' );
function swal_auth_user_no_ajax() {
/**
* Verify if the request arrive via POST
*/
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) {
$action = $_POST['action'];
/**
* Login function
*/
if ( $action == 'ajaxlogin' || $action == 'login') {
//if function is called from normal POST request check nonce in the regular way
if ( $action == 'ajaxlogin' ) {
// check the nonce in case of ajax request
check_ajax_referer( 'ajax-login-nonce', 'security' );
} else if ( $action == 'login' ) {
$nonce = $_POST['security'];
if ( ! wp_verify_nonce( $nonce, 'ajax-login-nonce' ) ) {
return;
}
}
auth_user_login_no_ajax($action,$_POST['username'],$_POST['password'],'Login');
}Thanks
]]>I configured a plugin to make authorization via simplesaml, but at the last redirect I land at the URL containign reauth=1 at the end. When I truncate the URL up to https://mysite.com/wp-login.php, I’m redirected to admin console.
This issue happens only when permit_wp_login is set to false, otherwise after successeful authentification via SAML I get directly to admin console.
I’ve already tried deleting cookies, session_tokens, chainging salt – but it didn’t help to solve the problem.
What could be the issue?
Thank you!
]]>In general options I removed protocol mention, so home url became //site.com.
Now I’m trying change it to https://site.com , but it is unchangeable. I have checked in DB – it’s setuped to https://site.com, but when I checked source code of sitepages it showed only //site.com
My main problem is in Reauth when enter my data in wp-login.php
This is my wp-config.php
define(‘FORCE_SSL_LOGIN’, true);
define(‘FORCE_SSL_ADMIN’, true);
$_SERVER[‘HTTPS’]=’on’;//preventing loop error
define(‘WP_HOME’,’https://site.com’);
define(‘WP_SITEURL’,’https://site.com’);
define(‘WP_DEBUG’, true); // no errors found
When I try to login to WordPress Admin Panel, it gets redirected to the “reauth=1” page. This happened after the following changes were made at my hosting end, yesterday.
1. Attached my domain to Cloudfare yesterday, and got a DNS change notification today from WordFence
2. Started nginx server in Plesk.
3. I used “Check Security” option in Plesk to secure WordPress
Here is what I tried already, and didn’t fix the problem:
1. Cleared cookies, and browsing data in all browsers.
2. Generate new secret keys from salt, and updated wp-config.php
3. Restored the site from my last VaultPress backup
4. Turned off nginx server and rebooted the server.
5. Detached the domain from Cloudfare (might take a day to take effect.)
6. Disabled *all* Plugins to test
7. Tested withe the default “twenty..” theme. then Reverted back to GeneratePress.
Any suggestions to fix the Admin login issue will be much appreciated.
If I should seek professional help, any pointers on that would be helpful too.
Thanks,
]]>add_filter( 'tml_action_template_message' ) without any success
Thanks in advance!
https://www.ads-software.com/plugins/theme-my-login/
]]>this is the path:
https://www.autorijschooldiva.nl/wp-login.php?redirect_to=http%3A%2F%2Fwww.autorijschooldiva.nl%2Fwp-admin%2F&reauth=1
dont have any access to WP anymore.
]]>I’ve tried following the instructions for a basic site migration:
I’ve kept the same domain name
https://my.bluehost.com/cgi/help/2361
https://codex.www.ads-software.com/Moving_WordPress
At the moment I’ve done the following:
– Changed DNS
– Imported old SQL file into new database
– Uploaded all files from previous wordpress site
– Edited Config.php to link up with the new database
However, when I attempt to login using wp-admin.php it edits the url and comes up blank:
sitename.com/wp-login.php?redirect_to=http%3A%2F%2Fsitename.com%2Fwp-admin%2F&reauth=1
Any idea what this could be? I’m losing hair at the moment over this.
Many thanks,
Gareth
]]>on my site so please anyone help me out to solve this issue please
]]>I am the administrator of https://engsoc.queensu.ca and when I try to save the menu, I get redirected to https://engsoc.queensu.ca/wp-login.php?redirect_to=http%3A%2F%2F&reauth=1
I have the GeneratePress theme installed. I am able to post, create/edit pages properly, but I am unable to save the menu.
]]>