purpleadmin

I’ve fixed it!

It turns out that for some reason, in my wp_sitemeta, my site_admins was set to the email address I use to login, rather than the actual username. I have no idea why this happened, but after searching for instructions on how to add a new superadmin I wondered if that was the issue, and after changing that one line it all started working.

Many thanks for your help, I will take your advice about security plugins.

It’s a permissions error. I get the login screen, unless I am already logged in, in which case I get the ‘Sorry, you are not allowed to access this page.’ message. And if I log in through that login screen, I get the same message. It’s like I’ve been downgraded to admin on the multisite – I can’t access Network Admin, or use any of the superadmin role capabilities.

• This reply was modified 6 years, 9 months ago by purpleadmin.

Lastly, since I can access this & you can’t, perhaps check w/Bluehost & insure that your IP hasn’t in some way been locked. If you have a firewall running, chec the rules as well. Since you’re able to log into the site, I doubt this, but it might be worth checking nonetheless.

Sorry, I don’t understand what you mean by ‘since I can access this & you can’t’? What can you access that I can’t?

It’s a subdomain installation. Not taken as condescending at all. Here’s the wp-config:

<?php
/**
 * The base configuration for WordPress
 *
 * The wp-config.php creation script uses this file during the
 * installation. You don't have to use the web site, you can
 * copy this file to "wp-config.php" and fill in the values.
 *
 * This file contains the following configurations:
 *
 * * MySQL settings
 * * Secret keys
 * * Database table prefix
 * * ABSPATH
 *
 * @link https://codex.www.ads-software.com/Editing_wp-config.php
 *
 * @package WordPress
 */

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'redacted');

/** MySQL database username */
define('DB_USER', 'redacted');

/** MySQL database password */
define('DB_PASSWORD', 'redacted');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/**#@+
 * Authentication Unique Keys and Salts - redacted

/**#@-*/

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
 */
$table_prefix = 'wp_fzci_';

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 *
 * For information on other constants that can be used for debugging,
 * visit the Codex.
 *
 * @link https://codex.www.ads-software.com/Debugging_in_WordPress
 */
define('WP_DEBUG', false);
/* Multisite */
define( 'WP_ALLOW_MULTISITE', true );
define('MULTISITE', true);
define('SUBDOMAIN_INSTALL', true);
define('DOMAIN_CURRENT_SITE', 'juliannebenford.com');
define('PATH_CURRENT_SITE', '/');
define('SITE_ID_CURRENT_SITE', 1);
define('BLOG_ID_CURRENT_SITE', 1);
define('SUNRISE', 'on' );
define( 'AUTOSAVE_INTERVAL', 300 );
define( 'WP_POST_REVISIONS', 5 );
define( 'EMPTY_TRASH_DAYS', 7 );
define( 'WP_CRON_LOCK_TIMEOUT', 120 );
/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
	define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

The captcha plugin is Captcha, which I see from googling was removed from the WP plugin store due to the security backdoor issue. I have deleted it from active_sitewide_plugins in my wp_sitemeta for now, but I don’t know if there is anything I need to do in order to repair any damage this caused.

Otherwise for security I had Jetpack installed, paid version, but after my previous experiment with active_sitewide_plugins it doesn’t seem to be working.

My .htaccess:

# Use PHP5.6 as default
AddHandler application/x-httpd-php56 .php

# BEGIN WordPress
<IfModule mod_rewrite.c>
	RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]

# add a trailing slash to /wp-admin
RewriteRule ^wp-admin$ wp-admin/ [R=301,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
RewriteRule ^(.*\.php)$ $1 [L]
RewriteRule . index.php [L]
</IfModule>
<IfModule mod_expires.c>
	ExpiresActive On
	ExpiresByType image/jpg "access plus 1 year"
	ExpiresByType image/jpeg "access plus 1 year"
	ExpiresByType image/gif "access plus 1 year"
	ExpiresByType image/png "access plus 1 year"
	ExpiresByType text/css "access plus 1 month"
	ExpiresByType application/pdf "access plus 1 month"
	ExpiresByType text/javascript "access plus 1 month"
	ExpiresByType image/x-icon "access plus 1 year"
	ExpiresDefault "access plus 1 weeks"
</IfModule>
AddHandler application/x-httpd-php70s .php
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

• This reply was modified 6 years, 9 months ago by purpleadmin.

Yes, I can log into my site no problem, but Network Admin is still not showing on the menu at the top and /wp-admin/network still gives me the ‘Sorry, you are not allowed to access this page’.

Thanks. I’ve cleared my browser cache, and to be sure, tried using a different browser. I think I’ve disabled the site’s cache – ‘Caching’ is at the top when I’m logged in and I purged all and then turned it off in the settings. Please let me know if there’s another way. It doesn’t seem to have helped.

Hi Jackie, the site is https://juliannebenford.com – sorry, in my hurry to include as many details as I could remember I forgot to include the url!