Locked out of WordPress Site Admin after enabling Force SSL on WordPress Https (SSL)

1 Views

I am in a terrible fix. I have been locked out of Site Admin and the solutions offered by the plug-in team in their documentation aren’t working. I’ve tried both methods using Webmatrix. I have to launch my site on Friday and I don’t know what to do.

This is what they suggested:

Read More

How do I reset the plugin’s settings?
Go to /wp-content/plugins/wordpress-https/wordpress-https.php and uncomment (remove the two forward slashes before) the line below, or go to your wp-config.php file and add this line. Hit any page on your site, and then remove it or comment it out again. 

define('WPHTTPS_RESET', true);

The settings won’t save!

Did you reset the plugin following the steps above and forget to comment the line back out or remove it from wp-config.php?

Post Views: 1

Related posts

3 comments

  1. First, rename the folder wp-content/plugins/wordpress-https to wp-content/plugins/wordpress-https-OFF so that WordPress can’t find it to run it.

    Second, add the following lines to your wp-config.php file, replacing the domain name with your domain name:

    define( 'WP_SITEURL', 'http://example.com/' );
define( 'WP_HOME', 'http://example.com/' );

  2. I have tried all solutions for resetting the plugin but none did work, finally I found the solution: remove the according data from database.

    Your option is to go into the database and run below query:

    DELETE
FROM wp_options
WHERE option_name LIKE 'wordpress-https%'

  3. Depending on your site configuration and your browser, fixing this might take more than one step. The following should resolve many of these kinds of problems.

    Step 1: Deactivate the WordPress-HTTPS plugin

    Since you can’t log into Admin, you need to do this behind WordPress’s back. The simplest, brute-force way to do this is to rename the plugin’s folder.

    1. Using FTP, a shell prompt, or your web host’s file manager (e.g., the one available through cPanel), navigate to wp-contentplugins
    2. Rename the plugin folder wordpress-https to wordpress-https1

    It doesn’t really matter what you rename it to. WordPress just knows that a plugin called “WordPress-HTTPS” is active and that it’s stored in a folder called “wordpress-https”. By renaming the folder we hide it from WordPress so that the plugin’s code won’t run.

    A more elegant, and possibly safer, way to do this is to use WP-CLI. This is a command line interface that lets you do most WordPress administrative functions from the Linux/Unix shell. But not everyone has shell access (for example via SHH), and not every host as WP-CLI installed. If it is installed:

    1. Enter the command wp plugin list to confirm the plugin is there and active
    2. Enter the command wp plugin deactivate wordpress-https

    Step 2: Clear all caching

    In theory WordPress-HTTPS is inactive now and won’t cause login problems. But some browsers and web hosts have caching enabled that could remember the redirection that happened earlier.

    To make sure you’re really getting 100% current access to the site:

    1. If you have caching plugins enabled (e.g., W3 Total Cache), disable them. Some can be disabled through your web host’s control panel (e.g., SiteGround’s SuperCacher), and others you’ll need to deactivate as above.
    2. If your web host does caching outside of WordPress, disable it. This can normally be done through your web host’s control panel.
    3. If you have a Content Delivery Network enabled (e.g., CloudFlare), disable it.
    4. Clear your browser’s cache and cookies.
    5. Shut down and restart your browser.

    Step 3: Log in

    With any luck, you can now.

    Step 4: If it still won’t work, temporarily switch your site to http

    Your site’s settings probably say to use https for the site and home URL. If your problem is really just because of the “force admin” setting, this probably isn’t a problem. But as a final step you can try switching this off for the whole site.

    These URL settings are defined on the Settings > General page, which you can’t reach right now. But they’re stored in the WordPress table wp_options. You can override them in one of two ways:

    • As described in webaware’s answer, define a couple of constants in wp-config.php, remembering to remove those constants once you’re done.
    • Edit the database directly with phpMyAdmin or your own PHP code. These two settings are “siteurl” and “home”, and are the first two in the wp_options table. Switch them to use http instead of https.

    Step 4: Remove the settings that caused your lockouts

    Skip this step if you plan to stop using WordPress HTTPS altogether. In that case you can just delete the wordpress-https1 foler.

    But it’s a very useful tool when SSL is enabled, so you might want to reactivate it once you can log in. If you do that right now, though, you’ll probably have login problems again.

    We need to delete WordPress-HTTPS’s settings from the WordPress options table. This is essentially like installing it from scratch. There are two ways to do this.

    Option 1: Delete them directly from the database

    All of the settings are in your WordPress database, in the wp_options table, and all of them begin with “wordpress-https”. Deleting those rows from the table resets WordPress-HTTPS. It should now be safe to reactivate.

    Option 2: Use the plugin’s “reset” flag

    As you described in your question, you can define the WPHTTPS_RESET constant. The next time WordPress HTTPS runs it will see this flag and clear its settings. It’s possible this didn’t work for you because of the caching issue mentioned above.

Comments are closed.