“Sorry, you are not allowed to access this page.”

When you see this kinda message, there are a few things that can go wrong, I won’t go into detailing all of them. I will be focusing precisely on one, but before I do that, let’s quickly check what could go wrong

  1. Wrong user role for the user that is signing in
  2. Upgrade to latest version of wordpress has gone wrong
  3. wp_options table got corrupted
  4. Your site is hacked
  5. Wrong file level permissions
  6. Missing role of an Administrator
  7. and gazilion others …

Let’s focus on point 6, 

The missing administrator role

This can happen because of various reasons

  1. Faulty plugin
  2. Human error
  3. Corrupt wp_options table

So let see what we can do to restore it

wp_options table have a column called option_name, execute the follow MySQL statement to see if our wp_user_roles value is present or not

This should return you a row with option_value which should be a long string. 

If above query doesn’t return anything, then check your database backup, restore it locally (not on production server) and see what value this property had

If above query returned an option value which did not list “Administrator” in the awkwardly looking JSON string, then also refer to the back and see what value you had to restore it. 

If your backup is missing, then you can temporarily use the folling query to restore access

Now try to login again, if administrator role was missing, you would’ve been redirected to /my-account page of your website or the website home page.

Couple of other points, 

Check if your admin user has administrator capabilities, 

I am assuming that your default user have an ID of 1. Check if the value of meta_value property has something like this as a value

a:1:{s:13:"administrator";b:1;}

If above is not sighted, the do this to have it added

make sure to replate REPLACE_WITH_META_ID with your meta_id that corresponds to meta_key = ‘wp_capabilities’

Also make sure that meta_key = ‘wp_user_level’ for your user has a value of 10. 

IF everthing fails 

There are several hacks that can be performed on wordpress core to allow temporary admin access to your user. I generally mess up with /wp-includes/capabilities.php 

In this file there is a function called current_user_can

I know that to the wordpress purists, above point may sound crazy, but that’s just one way of doing it.

I hope this helps

 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.