web analytics

Blog

WordPress- Admin interface access permission issues

Tags: Dashboardwordpresswp adminwp-user

Published on: February 20, 2017 by Hariram JR

WordPress- Admin interface access permission issues

Scenario:

When I successfully logged into the WordPress admin with the correct username (Say designz) and password, I had the problem after logged into the admin interface.

Except Dashboard, all other links in admin interface gave me “You do not have sufficient permissions to access this page.”

t1

Analysis

On further investigation, it is found that this error is due to a security issue where permissions to the WordPress user (say designz) was not granted and made denied in the database.

How to fix?

1. Check and confirm that the tables in the WP db uses the same prefix specified in the wp-config.php ( The default WP configuration file)

For example here the  table prefix specified in the configuration file is  “wp”,  and hence the table names would be in the format “wp_commentmeta”, wp_comments”, etc.

Kindly note that the table prefix may be different for you based on your installation and configuration.

Before proceeding further, let us have look into some of the crucial tables in WP installation

wp_users:

The list of users who has the privilege to access the WordPress admin panel is stored in wp_users table. It contains columns which mention the user information like login, password (in encrypted form), registration time, status, display name, mail and activation key (if required).

The roles or privileges of the WordPress users are defined as Super admin, Administrator, Subscriber, Contributor, Author and Editor.

wp_usermeta:

The details of users with access to the WordPress dashboard will be stored in the form of meta data in the wp_usermeta table.

As mentioned in the issue analysis itself,  this is a privilege issue on the setting of user permissions to access the WP dash board. Now let us proceed with the resolution of the issue.

Resolution Process

1)  Backup the DB using PHPMyAdmin.

Backing up of data is the rule of thumb for every system admin. No exceptions are  granted here as well and we proceed with the generation of backup of the db using PHPMyAdmin here as well.

Now, browse the table wp_usermeta. It will list the following columns.

umeta_id    :  It lists the number of meta id in the wp_usermeta table.

user_id       :  The user_id is the ID of the user whose data should be retrieved.

meta_key    :  It lists key roles for the users corresponding to their user id.

meta_value : It holds the information or returns a value for meta_key for the users which is denoted by their user_id.

 

 

3. Check the ‘ID’ of the user in ‘wp_usermeta’ table and make sure that the ID should be same in the ‘wp_users’ table for that user. Since the table ‘wp_usermeta’ contains the meta data of the the table “wp_users” the ID should be identical.

If not edit the ‘user_id’ table field in the table and assign the correct one.

t2f

4. Check the ‘wp_user_level’ in ‘wp_usermeta’ table which meta_value should be 10 always.

Then a question will pop up in your mind. Why it should be 10 always?

Because, the user who holds value 10 is known as the Super user.

Actually, the meta_value level state for wp_capabilities ranges from 0-10. From the state level, we can assume the role of that particular user. They are as follows:

0-4 Level state – They don’t have the provision to manage other users.

5 Level state – The user in the state 5 have the provision to manage the user below his level. But they don’t have provision to add users. Their authority is restricted within 0-4 level users.

6 to 9 Level State – The users from range 6 to 9 have authority to manage the other users and have the provision to create a new user as well. But user between the level 6 to 9 don’t have the provision to manage the users who have higher state than him. Say if a user has 6 value in his wp_capabilities, he has the provision to create a new user, manage the user below his level. But he cannot manage the user with state level 7 or beyond.

10 state level – The users with state value 10 symbolically represents higher authority user or super admin for all other users. He has the full provision to the WordPress dashboard such as manage a user, create, promote and remove etc.

 

5. Look for the user’s wp_capabilities meta_value. In my case, the wp_capabilities meta_value for the user ‘dezigns’ had the value as below.

a:5{s:14:"can_edit_posts";b:1;s:4:"read";b:1;s:12:"upload_files";b:1;s:11:"super_admin";b:1;s:13:"bbp_keymaster";b:1;}

Then, I have changed the wp_capablilities meta_value as below.

 a:1:{s:13:"administrator";s:1:"1";} 

t5

The above code will provide ‘administrator’ permission to the user (dezigns) and you can now navigate to any of the panel in the WordPress admin section.

Hope, this article helps you to fix your issue. Thank You for your valuable time :)

Category : Linux, Troubleshooting, WordPress

Hariram JR

Hariram JR

System Engineer with two years of experience in deploying and managing hundreds of Linux servers. Currently working in Cloud technologies, especially with AWS platform. His work includes installing application server, scaling and configuring it for high availability and fault tolerance.

You may also read:

Comments

Add new commentSIGN IN

Let's Connect

Get new updates

Categories

$0.000 items