Lost access to entire network after recent update

  • I have a private WordPress network covering 11 different sites, all hosted under separate TLDs (using WordPress MU Domain Mapping plugin; version 0.5.4.2, if that matters).

    This network is at a very initial state (about 50 posts posted to 2-3 blogs, everything still kept private) and, due to my involvement in other projects, for past 6-12 months I did nothing over it, except very rare, occassional login and update of plugins and network itself.

    Since entire network is kept private (using underConstruction plugin; version 1.08, if matters), every visitor sees only a landing page and user must be logged in as admin (the only account among users) to do anything in control panel of entire network or each particular site.

    Yesterday, I’ve noticed, that (probably after recent update) I have completely lost access to my entire network. URLs, that I’ve been using for over a year, had become invalid:

    I can’t access neither login screen nor any site / network dashboard. Does anyone have any idea, what is wrong? Is there any cure for this problem? Or the only option is to dump entire network to trash and start rebuilding it from scratch.

    Things I’ve done so far:

    1. I’ve read this answer, but it brings me no help (my only user is an admin). And, because I’m unsure, if this is related, since I can’t even display a login page in my network.
    2. I’ve read WordPress 4.0 Master List, but it also isn’t any help as it discuss only problems after successful login to dashboard.
    3. Of course, I have cleared the browser cache and tested this issue on all browsers available to me (Chrome, Firefox and IE, all in newest versions).

    I found this vulnerability report about underConstruction plugin versions prior to 1.09 (to which I catch in, because my network uses 1.08). Can this be relatead in any way?

Viewing 6 replies - 1 through 6 (of 6 total)
  • Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Can you provide us with a link to your site? I don’t think that your site is compromised but anything is possible. If you can’t provide a link that’s fine too.

    network admin entry point (https://example.com/wp-admin/network/) redirects (after few seconds) to https://example.com and displays landing page

    When you visit https://example.com/wp-admin/network/ if the network is not working or does not exist then this error message should pop up.

    “You do not have sufficient permissions to access this page.”

    But it doesn’t so I think a plugin may be causing a problem.

    Can you try renaming plugins and mu-plugins (if you have one) to plugins-old and mu-plugins-old?

    Thread Starter trejder

    (@trejder)

    Jan, thank you for your effort and attempt to solve my problem.

    I’d like to not disclose my network address / domain right now. For privacy and security reasons (especially, that disabling plugins made all sites open to all visitors). Maybe in a private message, but not public, not now. If it will be required to solve the problem, then I’ll paste all required URLs. But, for right now, let’s try to do this “virtually” (if there is anything to do, except reinstallation, cause this thing really looks strange).

    I have “disabled” all plugins, as you requested (by renaming “wp-content/plugins” to “wp-content/plugins-old”; I don’t have any “mu-plugins” folder). This has caused following effects:

    1. All pages are now accessible for guests, instead of displaing landing page (thanks to “underconstruction” plugin being disabled).
    2. Network dashboard (https://example.com/wp-admin/network/) again redirects to home page (https://example.com), but this time displays info, that there are no pages instead of landing page.
    3. Any site admin page (https://domain.com/wp-admin/index.php) again redirects to URL: https://domain.com/wp-login.php?redirect_to=http%3A%2F%domain.com%2Fwp-admin%2F&reauth=1 and also displays “Page Not Found” page.
    4. Attempt to open login page (https://domain.com/wp-login.php) ends up with browser ERR_TOO_MANY_REDIRECTS error and warning message, that page contains too many redirects. Suggested solution (clearing cache and cookies) does not work.

    I haven’t tested directly calling login page (https://domain.com/wp-login.php) previously (with plugins “enabled”) so I did this now. When plugins are enabled, there is no error/warning. The “underconstruction” plugin takes its part and displays landing page.

    I have never seen error suggested by you (“You do not have sufficient permissions to access this page”) at any point during my tests. I have tested this problem on all three browsers, to which I have access. I have cleared cache and cookies in two of them (can’t do this in my main browser). No effect, as for now.

    Is there anything I can do in this situation?

    Please note, that I’d like to recover entire network and those 30-50 posts already made. But, on the other hand, vision of dumping everything and starting from scratch isn’t some kind of nightmare for me. So, please, only spend your time on my case, if you really think, there might be a solution or if this case can benefit others. Thank you in advance!

    What was your previous version of WP? When I have had problems like this due to upgrading WP core. I re-install the previous version of WP. I backup WP prior to my upgrades.

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Can you check the database to make sure that you do not have a mismatch between www.example.com and example.com? That could explain the redirect that is going on.

    Thread Starter trejder

    (@trejder)

    @jkhongusc: I don’t know, what version I do have now (becaue I don’t have any access to dashboard and I don’t know how to check it other ways). Downgrading to earlier version is not an option for me. I want to have all security issues covered, so I always install newest available version.

    @jan Dembowski: I don’t know, how to check it, but I’m pretty sure, that is not an issue. Mainly because:

    • domains and redirects are handled by mu-plugin, and described problems are also present with this (and all other plugins) completely disabled,
    • if this would be caused by incorrect redirect / domain configuration, why did it collapse after recent update, not many weeks or months ago (I just check it, that I have this blog network for nearly two years)?

    Thanks for all your effort once again, by I’m beginning to think, that total wipe and starting from the scratch is the only way in this case.

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    ?????? Advisor and Activist

    WordPress 4.0 is a little more sticky about your www vs non-www URLs

    You can SAFELY install the WP 3.9.2 files on top of your current setup and see if that restores your access. Honest. it’s okay.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Lost access to entire network after recent update’ is closed to new replies.