Lost access to my whole MS after WP 3.1 upgrade- Ouch. HELP

Hi Troops,

Please help a victim of the Gremlins out. I do not know what is going on, but the Universe is playing with me. I lost my beloved Mac yesterday for an expected week, came home to backup files on a notebook Mac, to find that my whole WP installation is impossible to get into. I am no guru, but I did everything I could think of; request for new password via emails- never received, attempt to sign into side sites, only to be redirected back to main site (good for me security), I even broke into the database and browsed for the friggin password; copied it and pasted it into the field, only to be replied to by a rejected response. Even when I change the password from within the database, to an easy one, the password is rejected.

What on earth is going on: Here is what I did do:

1. I upgraded to 3.1 automatically
2. then started to upgrade plugins for WPMU, some auto, some manually, but all per directions. Frankly, I lost tract of what it did, since Apple has my desktop. However, I think it is limited to: "Additional Tags; Rebranded-meta-widgets; wpmudeve-updates;CustomPress; aksimet;

Any help would be greatly appreciated.

Tim

  • Barry
    • DEV MAN’s Mascot

    * Moving this thread to members only for reasons that will become clear later *
    Hiya
    Getting locked out is a real pain. Is the site actually running ok on the front end? and the login screen loads up ok?

    If that is the case then at least your WP install is up and running, now we just have to get you back in.

    Ok, this is what you need to do :slight_smile:

    1. Open your database, if you can access it, and have a look at the wp_users table - make a note of the ID of the admin user.
    2. Open a blank file in your editor and save it as getmein.php :slight_smile: Keep it open though as we're going to add in some code.

    Put the following in your file:

    <?php
    if($_GET['letmein'] == 'please') {
    wp_set_auth_cookie(1);
    }
    ?>

    2. Access your site via ftp and upload the file to your mu-plugins directory (if it doesn't exist within the wp-content directory then create one and upload it).

    3. Go to your site and load the home page. e.g. http://mysite.com?letmein=please

    4. You should now be logged in, go to the admin area and change your admin user password.

    5. Logout and log back in to test it works again.

    6. REMOVE THE FILE FROM MU-PLUGINS

    Hopefully that will work for you, if not let me know and I'll work out another method

  • Ivan
    • The Incredible Code Injector

    Since I am forgetting my passwords and I have to go through this process quite often, here is my method for hacking in :stuck_out_tongue:

    1. ( Assuming you have access ) Login to your PHPMyAdmin
    2. Go to the wp_users table and click on user "admin" edit icon
    3. Go to http://www.miraclesalad.com/webtools/md5.php and generate an MD5 hash password
    4. Put it inside "user_pass" and save.
    5. Go login with your new password :slight_smile:

    Happy hacking :slight_smile:

  • Ivan
    • The Incredible Code Injector

    Just tried it with couple of different MD5 hash strings and it works perfectly fine. WP 3.0.4 MS with all the "Authentication Unique Keys and Salts" set.

    Edit: Yep, I did some testing and it looks like this doesn't work on 3.1 anymore.

  • Lifebrightener
    • Design Lord, Child of Thor

    Thanks so much everyone,

    I will remember these tricks just in case. GoDaddy FINALLY jammed through a password reset.

    Here is something cute I found in my wp-muplugins folder:

    An index.php file with this inside: <?php
    // Silence is golden.
    ?>

    the only other thing in my install with the same date is Buddypress. Do I need this file for anything, or is this some jokers file?

    Lastly, as per a tutorial, I changed wp-config define('FORCE_SSL_LOGIN', positive);
    define('FORCE_SSL_ADMIN', positive);

    BEFORE THIS PROBLEM HIT ME - THEN I CHANGED IT BACK TO (false) before password reset. Should I change these values back to (positive) now that I am in?

    Again, troops, it is great having you behind me,

    TJ

  • drmike
    • DEV MAN’s Mascot

    Do I need this file for anything, or is this some jokers file?

    That's there so visitors can't see the files in your directory. If the index.php wasn;t there, they would get a file list. Call it a security measure.

    Someone else though is going to have to answer the ssl question.

  • Lifebrightener
    • Design Lord, Child of Thor

    Hi gang,

    no worries anymore. I got my network back after finally getting a password reset for my network admin userid.

    It seems that, despite having two admin userid's defined under the same umbrella MS domain; only one of my admin userid's has access to the network WP dashboard.

    Is that cool?

    TJ

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.