Wordpress Archives

July 29, 2023July 29, 2023

Initial Server Setup with Ubuntu

Introduction
As part of the initial setup for a brand-new Ubuntu server, you should carry out a few crucial configuration tasks. These changes will improve your server’s security and usability and lay a strong foundation for further activities.

Step 1 — Logging in as root

log in now as the root user using the following command (substitute the highlighted portion of the command with your server’s public IP address

ssh root@your_server_ip

Accept the warning about host authenticity if it appears. If you are using password authentication, provide your root password to log in.

The root user is the administrative user in a Linux environment that has very broad privileges. Because of the heightened privileges of the root account, you are discouraged from using it on a regular basis. This is because the root account is able to make very destructive changes, even by accident.

The next step is setting up a new user account with reduced privileges for day-to-day use.

Step 2 — Creating a New User

Once you are logged in as root, you’ll be able to add the new user account. In the future, we’ll log in with this new account instead of root.

This example creates a new user called john, but you should replace that with a username that you like:

adduser john

You will be asked a few questions, starting with the account password.

Enter a strong password and, optionally, fill in any of the additional information if you would like. This is not required and you can just hit ENTER in any field you wish to skip.

Step 3 — Granting Administrative Privileges
Now we have a new user account with regular account privileges. However, we may sometimes need to do administrative tasks.

To avoid having to log out of our normal user and log back in as the root account, we can set up what is known as superuser or root privileges for our normal account. This will allow our normal user to run commands with administrative privileges by putting the word sudo before the command.

To add these privileges to our new user, we need to add the user to the sudo group.

usermod -aG sudo john

Step 4 — Setting Up a Basic Firewall
Ubuntu servers can use the UFW firewall to make sure only connections to certain services are allowed. We can set up a basic firewall using this application.

Applications can register their profiles with UFW upon installation. These profiles allow UFW to manage these applications by name. OpenSSH, the service allowing us to connect to our server now, has a profile registered with UFW.

You can see this by typing:

ufw app list

Output
Available applications:
  OpenSSH

We need to make sure that the firewall allows SSH connections so that we can log back in next time. We can allow these connections by typing:

ufw allow OpenSSH

Afterwards, we can enable the firewall by typing:

ufw enable

Type y and press ENTER to proceed. You can see that SSH connections are still allowed by typing:

ufw status

As the firewall is currently blocking all connections except for SSH, if you install and configure additional services, you will need to adjust the firewall settings to allow traffic in.

Step 5 — Enabling External Access for Your Regular User

Now that we have a regular user for daily use, we need to make sure we can SSH into the account directly.

If you logged in to your root account using a password, then password authentication is enabled for SSH. You can SSH to your new user account by opening up a new terminal session and using SSH with your new username:

ssh john@your_server_ip

After entering your regular user’s password, you will be logged in. Remember, if you need to run a command with administrative privileges, type sudo before it like this:

sudo command_to_run

You will be prompted for your regular user password when using sudo for the first time each session (and periodically afterwards).

December 3, 2020July 31, 2023

How to Install WordPress with LEMP on Ubuntu 20.04

Introduction

WordPress is the most popular content management systems (CMS) on the internet currently, allows users to set up flexible blogs and websites using a MySQL backend with PHP processing. WordPress has seen an incredible adoption rate among new and experienced engineers alike, and is a great choice for getting a website up and running efficiently. After an initial setup, almost all administration for WordPress websites can be done through its graphical interface— these features and more make WordPress a great choice for websites built to scale.

In this tutorial, you’ll focus on getting an instance of WordPress set up on a LEMP stack (Linux, Nginx, MySQL, and PHP) for an Ubuntu 20.04 server.

Prerequisites

In order to complete this tutorial, you’ll need access to an Ubuntu 20.04 server. To successfully install WordPress with LEMP on your server, you’ll also need to perform the following tasks before starting this tutorial:

Create a sudo user on your server: The steps in this tutorial are using a non-root user with sudo privileges. You can create a user with sudo privileges by following our Ubuntu 20.04 initial server setup tutorial.
Install a LEMP stack: WordPress will need a web server, a database, and PHP in order to correctly function. Setting up a LEMP stack (Linux, Nginx, MySQL, and PHP) fulfills all of these requirements. Follow this tutorial to install and configure this software.
Secure your site with SSL: WordPress serves dynamic content and handles user authentication and authorization. TLS/SSL is the technology that allows you to encrypt the traffic from your site so that your connection is secure. The way you set up SSL will depend on whether you have a domain name for your site.

When you are finished with setup, log in to your server as the sudo user to continue.

Step 1 — Creating a MySQL Database and User for WordPress

WordPress uses MySQL to manage and store site and user information. Although you already have MySQL installed, let’s create a database and a user for WordPress to use.

To get started, log in to the MySQL root (administrative) account. If MySQL is configured to use the auth_socket authentication plugin (which is default), you can log in to the MySQL administrative account using sudo:

 $ sudo mysql

If you have changed the authentication method to use a password for the MySQL root account, use the following command instead:

 $ mysql -u root -p

You will be prompted for the password you set for the MySQL root account.

Once logged in, create a separate database that WordPress can control. You can call this whatever you would like, but we will be using wordpress in this guide to keep it simple. You can create a database for WordPress by entering:

Mysql> CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
Note: Every MySQL statement must end in a semi-colon (;). If you’ve encountered an error, check to make sure the semicolon is present.

Next, let’s create a separate MySQL user account that we will use exclusively to operate on our new database. Creating single-purpose databases and accounts is a good idea from a management and security standpoint. We’ll use the name wordpressuser in this guide — feel free to change this if you’d like.

In the following command, you are going to create an account, set a password, and grant access to the database you created. Remember to choose a strong password here:

CREATE USER 'wordpressuser'@'localhost' IDENTIFIED BY 'password';
GRANT ALL ON wordpress.* TO 'wordpressuser'@'localhost';

You now have a database and user account, each made specifically for WordPress.

With the database tasks complete, let’s exit out of MySQL by typing:

EXIT

The MySQL session will exit, returning you to the regular Linux shell.

Step 2 — Installing Additional PHP Extensions

When setting up the LEMP stack, it required a very minimal set of extensions to get PHP to communicate with MySQL. WordPress and many of its plugins leverage additional PHP extensions, and you’ll use a few more in this tutorial.

Let’s download and install some of the most popular PHP extensions for use with WordPress by typing:

 $ sudo apt update

 $ sudo apt install php-curl php-gd php-intl php-mbstring php-soap php-xml php-xmlrpc php-zip

Note: Each WordPress plugin has its own set of requirements. Some may require additional PHP extension packages to be installed. Check your plugin documentation to discover its PHP requirements. If they are available, they can be installed with apt as demonstrated above.

When you are finished installing the extensions, restart the PHP-FPM process so that the running PHP processor can leverage the newly installed features:

 $ sudo systemctl restart php7.4-fpm

You now have all of the PHP extensions needed, installed on the server.

Step 3 — Configuring Nginx
Next, let’s make a few adjustments to our Nginx server block files. Based on the prerequisite tutorials, you should have a configuration file for your site in the /etc/nginx/sites-available/ directory configured to respond to your server’s domain name or IP address and protected by a TLS/SSL certificate. We’ll use /etc/apache2/sites-available/wordpress as an example here, but you should substitute the path to your configuration file where appropriate.

Additionally, we will use /var/www/wordpress as the root directory of our WordPress install in this guide. Again, you should use the web root specified in your own configuration.

Note: It’s possible you are using the /etc/nginx/sites-available/default default configuration (with /var/www/html as your web root). This is fine to use if you’re only going to host one website on this server. If not, it’s best to split the necessary configuration into logical chunks, one file per site.

Open your site’s server block file with sudo privileges to begin:

 $ sudo nano /etc/nginx/sites-available/wordpress

Within the main server block, let’s add a few location blocks.

Start by creating exact-matching location blocks for requests to /favicon.ico and /robots.txt, both of which you do not want to log requests for.

Use a regular expression location to match any requests for static files. We will again turn off the logging for these requests and will mark them as highly cacheable, since these are typically expensive resources to serve. You can adjust this static files list to contain any other file extensions your site may use:

/etc/nginx/sites-available/wordpress

server {
    . . .

    location = /favicon.ico { log_not_found off; access_log off; }
    location = /robots.txt { log_not_found off; access_log off; allow all; }
    location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
        expires max;
        log_not_found off;
    }
    . . .
}

Inside of the existing location / block, let’s adjust the try_files list. Comment out the default setting by prepending the line with a pound sign (#) and then add the highlighted line. This way, instead of returning a 404 error as the default option, control is passed to the index.php file with the request arguments.

This should look something like this:

/etc/nginx/sites-available/wordpress
server {
. . .
location / {
#try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php$is_args$args;
}
. . .
}

When you are finished, save and close the file.

Now, let’s check our configuration for syntax errors by typing:

 $ sudo nginx -t

If no errors were reported, reload Nginx by typing:

$ sudo systemctl reload nginx

Next, let’s download and set up WordPress.

Step 4 — Downloading WordPress
Now that your server software is configured, let’s download and set up WordPress. For security reasons, it is always recommended to get the latest version of WordPress directly from the project’s website.

Change into a writable directory and then download the compressed release by typing:

 $ cd /tmp

This changes your directory to the temporary folder. Then, enter the following command to download the latest version of WordPress in a compressed file:

curl -LO https://wordpress.org/latest.tar.gz

Note: The -LO flag is used to get directly to the source of the compressed file. -L ensures that fetching the file is successful in the case of redirects, and -O writes the output of our remote file with a local file that has the same name. To learn more about curl commands, visit How to Download Files with cURL
Extract the compressed file to create the WordPress directory structure:

tar xzvf latest.tar.gz

You will be moving these files into our document root momentarily, but before you do, let’s copy over the sample configuration file to the filename that WordPress actually reads:

cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php

Now, let’s copy the entire contents of the directory into our document root. We’re using the -a flag to make sure our permissions are maintained, and a dot at the end of our source directory to indicate that everything within the directory should be copied (including hidden files):

sudo cp -a /tmp/wordpress/. /var/www/wordpress

Now that our files are in place, you’ll assign ownership to the www-data user and group. This is the user and group that Nginx runs as, and Nginx will need to be able to read and write WordPress files in order to serve the website and perform automatic updates:

sudo chown -R www-data:www-data /var/www/wordpress

Files are now in the server’s document root and have the correct ownership, but you still need to complete some additional configuration.

Step 5 — Setting up the WordPress Configuration File
Next, let’s make some changes to the main WordPress configuration file.

When you open the file, you’ll start by adjusting some secret keys to provide some security for our installation. WordPress provides a secure generator for these values so that you don’t have to come up with values on your own. These are only used internally, so it won’t hurt usability to have complex, secure values here.

To grab secure values from the WordPress secret key generator, type:

curl -s https://api.wordpress.org/secret-key/1.1/salt/

You will get back unique values that look something like this:
Warning: It is important that you request unique values each time. Do NOT copy the values shown below!

Output
define(‘AUTH_KEY’, ‘1jl/vqfs define(‘SECURE_AUTH_KEY’, ‘E2N-h2]Dcvp+aS/p7X DO NOT COPY THESE VALUES {Ka(f;rv?Pxf})CgLi-3’);
define(‘LOGGED_IN_KEY’, ‘W(50,{W^,OPB%PB define(‘NONCE_KEY’, ‘ll,4UC)7ua+8<!4VM+ DO NOT COPY THESE VALUES #`DXF+[$atzM7 o^-C7g’);
define(‘AUTH_SALT’, ‘koMrurzOA+|L_lG}kf DO NOT COPY THESE VALUES 07VC*Lj*lD&?3w!BT#-‘);
define(‘SECURE_AUTH_SALT’, ‘p32*p,]z%LZ+pAu:VY DO NOT COPY THESE VALUES C-?y+K0DK_+F|0h{!_xY’);
define(‘LOGGED_IN_SALT’, ‘i^/G2W7!-1H2OQ+t$3 DO NOT COPY THESE VALUES t6**bRVFSD[Hi])-qS`|’);
define(‘NONCE_SALT’, ‘Q6]U:K?j4L%Z]}h^q7 DO NOT COPY THESE VALUES 1% ^qUswWgn+6&xqHN&%’);

These are configuration lines that you can paste directly in your configuration file to set secure keys. Copy the output you received now.

Now, open the WordPress configuration file:

 $ sudo nano /var/www/wordpress/wp-config.php

Find the section that contains the dummy values for those settings. It will look something like this:
/var/www/wordpress/wp-config.php
. . .

define(‘AUTH_KEY’, ‘put your unique phrase here’);
define(‘SECURE_AUTH_KEY’, ‘put your unique phrase here’);
define(‘LOGGED_IN_KEY’, ‘put your unique phrase here’);
define(‘NONCE_KEY’, ‘put your unique phrase here’);
define(‘AUTH_SALT’, ‘put your unique phrase here’);
define(‘SECURE_AUTH_SALT’, ‘put your unique phrase here’);
define(‘LOGGED_IN_SALT’, ‘put your unique phrase here’);
define(‘NONCE_SALT’, ‘put your unique phrase here’);
Delete those lines and paste in the values you copied from the command line:

/var/www/wordpress/wp-config.php
. . .

define(‘AUTH_KEY’, ‘VALUES COPIED FROM THE COMMAND LINE’);
define(‘SECURE_AUTH_KEY’, ‘VALUES COPIED FROM THE COMMAND LINE’);
define(‘LOGGED_IN_KEY’, ‘VALUES COPIED FROM THE COMMAND LINE’);
define(‘NONCE_KEY’, ‘VALUES COPIED FROM THE COMMAND LINE’);
define(‘AUTH_SALT’, ‘VALUES COPIED FROM THE COMMAND LINE’);
define(‘SECURE_AUTH_SALT’, ‘VALUES COPIED FROM THE COMMAND LINE’);
define(‘LOGGED_IN_SALT’, ‘VALUES COPIED FROM THE COMMAND LINE’);
define(‘NONCE_SALT’, ‘VALUES COPIED FROM THE COMMAND LINE’);
Next, let’s modify some of the database connection settings at the beginning of the file. You’ll have to adjust the database name, the database user, and the associated password that was configured within MySQL.

The other change you should make is to set the method that WordPress uses to write to the filesystem. Since you’ve given the web server permission to write where it needs to, you can explicitly set the filesystem method to “direct”. Failure to set this with our current settings would result in WordPress prompting for FTP credentials when we perform some actions. Add this setting below the database connection settings, or anywhere else in the file:

/var/www/wordpress/wp-config.php
. . .

define( ‘DB_NAME’, ‘wordpress’ );

/** MySQL database username */
define( ‘DB_USER’, ‘wordpressuser’ );

/** MySQL database password */
define( ‘DB_PASSWORD’, ‘password’ );

. . .

define( ‘FS_METHOD’, ‘direct’ );
Save and close the file when you’re done.

Step 6 — Completing the Installation Through the Web Interface
Now that the server configuration is complete, you can finish up the installation through WordPress’ web interface.

In your web browser, navigate to your server’s domain name or public IP address:

http://server_domain_or_IP/wordpress
Select the language you would like to use:

WordPress language selection

Next, you will come to the main setup page.

Select a name for your WordPress site and choose a username (it is recommended not to choose something like “admin” for security purposes). A strong password is generated automatically. Save this password or select an alternative strong password.

Enter your email address and select whether you want to discourage search engines from indexing your site:

WordPress setup installation

When you click ahead, you will be taken to a page that prompts you to log in:

WordPress login prompt

Once you log in, you will be taken to the WordPress administration dashboard:

WordPress login prompt

Conclusion
WordPress should be installed and ready to use! Some common next steps are to choose the permalinks setting for your posts (can be found in Settings > Permalinks) or to select a new theme (in Appearance > Themes). If this is your first time using WordPress, explore the interface a bit to get acquainted with your new CMS.

December 4, 2019December 4, 2019

How To Install and Configure the OpenLiteSpeed Web Server on Ubuntu 18.04

install openlitespeed server on ubuntu 18.04

In this article, we’ll learn how to install and configure OpenLiteSpeed on an Ubuntu 18.04 server.

OpenLiteSpeed is the Open Source edition of LiteSpeed Web Server Enterprise. OpenLiteSpeed contains all of the essential features found in LiteSpeed Enterprise, and represents our commitment to support the Open Source community. It features Apache-compatible rewrite rules, a built-in web-based administration interface, and customized PHP processing optimized for the server.

OpenLiteSpeed Features:

Event-Driven Architecture
Fewer processes, less overhead, and enormous scalability. Keep your existing hardware.

Understands Apache Rewrite Rules
OpenLiteSpeed is mod_rewrite compatible, with no new syntax to learn. Continue to use your existing rewrite rules.

Friendly Admin Interfaces
OLS comes with a built-in WebAdmin GUI. Control panel support is available with CyberPanel.

Built for Speed and Security
Features Anti-DDoS connection and bandwidth throttling, ModSecurity v3 integration, and more.

Intelligent Cache Acceleration
Built-in full-page cache module is highly-customizable and efficient for an exceptional user experience.

PageSpeed Optimization
Automatically implement Google’s PageSpeed optimization system with the mod_pagespeed module.

PHP LiteSpeed SAPI
Native SAPI for PHP allows external applications written in PHP to run up to 50% faster.

WordPress Acceleration
Experience a measurable performance boost with OpenLiteSpeed and LSCache for WordPress.

Step 1 – Installing OpenLiteSpeed on Ubuntu 18.04

OpenLiteSpeed provides a software repository we can use to download and install the server with Ubuntu’s standard apt command.

Update all your system packages:

sudo apt-get update
sudo apt-get upgrade

Download and add the developer’s software signing key:

$ wget -qO - https://rpms.litespeedtech.com/debian/lst_repo.gpg | sudo apt-key add -

Now we will add the repository information to our system:

$ sudo add-apt-repository 'deb http://rpms.litespeedtech.com/debian/ bionic main'

Install the OpenLiteSpeed server and its PHP processor using apt install:

$ sudo apt install openlitespeed lsphp73

Finally, create a soft link to the PHP processor we just installed. This directs the OpenLiteSpeed server to use the correct version:

$ sudo ln -sf /usr/local/lsws/lsphp73/bin/lsphp /usr/local/lsws/fcgi-bin/lsphp5

OpenLiteSpeed server is installed, we’ll secure it by updating the default admin account.

Step 2 – Configure OpenLiteSpeed & Setting the Admin Password

Configure the administrative password for OpenLiteSpeed web server. By default, the password is set to 123456, so we should change this immediately. We can do this by running a script provided by OpenLiteSpeed:

sudo /usr/local/lsws/admin/misc/admpass.sh

Provide a username for the administrative user as below:

Please specify the user name of administrator.
This is the user name required to login the administration Web interface.
 
User name [admin]: wpcademyadmin
 
Please specify the administrator's password. This is the password required to login the administration Web interface.
 
Password:
Retype password:

Administrator's username/password is updated successfully!

Step 3 – Accessing the OpenLiteSpeed Web Server

OpenLiteSpeed should have started automatically. We can verify this with the following command:

$ sudo /usr/local/lsws/bin/lswsctrl status

Output:

litespeed is running with PID 990.

sudo /usr/local/lsws/bin/lswsctrl start

Output:

[OK] litespeed: pid=5137.

We need to open up some ports on our firewall. Configure Firewall for Port Access. Add the firewall rules:

$ sudo ufw allow http
$ sudo ufw allow https
$ sudo ufw allow 8088
$ sudo ufw allow 7080

ReloAd ufw to effect the changes:

sudo ufw reload

In your web browser, navigate to your server’s domain name or IP address, followed by :8088 to specify the port:

http://server_domain_or_IP:8088

Browser should load the default OpenLiteSpeed web page as seen below:

To configure the administrative interface. Got to your web browser, using HTTPS, navigate to your server’s domain name or IP address followed by :7080 to specify the port:

https://server_domain_or_IP:7080

Enter the admin logins you had created during the OpenLiteSpeed configuration. Once you correctly authenticate, you will be presented with the OpenLiteSpeed administration interface:

Step 4 – Configuring the Port

In the list of listeners, click the “View/Edit” button for the Default listener:

Click the edit button in the top-right corner of the “Address Settings” table to modify its values:

On the next page, then click the floppy disk icon, Save.

change port 8088 to port 80

You’ll need to now open up port 80 on your firewall:

$ sudo ufw allow 80

The default web page should now be accessible in your browser on port 80 instead of port 8088.

Congratulations! You should have OpenLiteSpeed and PHP installed and running on an Ubuntu 18.04 server.

You are running Ubuntu 16.04 : Install OpenLiteSpeed on Ubuntu 16.04

Visit OpenLiteSpeed Official Website fore more details.

October 17, 2019October 17, 2019

Easy Guide to Remove the Login Shake Effect in WordPress

If you ever enter a wrong username or password when logging into WordPress, then you probably noticed that the login box shakes along with showing you the error that username or password is incorrect. In this tutorial, we will learn how to remove the login shake effect in WordPress.

remove wordpress login shake effect

The login shake feature is added with a JavaScript file that WordPress adds on every login page. All we need to do is remove that JavaScript.

Simply add the following code in your theme’s functions.php file or in a site-specific plugin:

function wpb_remove_loginshake() {
    remove_action('login_head', 'wp_shake_js', 12);
}
add_action('login_head', 'wpb_remove_loginshake');

Removing the login shake effect is an aesthetic decision and should be made completely based on your personal preference. In our opinion, it helps get user’s attention and let them know that there is an error. On our sites, we do not remove the login shake effect.

We hope this tutorial helped you remove the login shake effect in WordPress.

You Might Also Like: Fix WordPress Login Page Redirecting Issue

October 17, 2019October 17, 2019

How to Fix WordPress Login Page Redirecting Issue : Easy Steps

Login issues can be caused by various different errors such as error establishing database connection, internal server error or white screen of death. Another type of login error is when your login page keeps refreshing and redirecting it back to the login screen. In this article we will learn how to fix the WordPress login page refreshing and redirecting issue.

Follow a step and check if the issue resolved, if not follow the next step.

Step-1: Clear Cookies to Resolve Login Issues

WordPress uses cookies for login authentication, so the first step in troubleshooting WordPress login issues is the simplest one. Clear your browser cookies and cache. Also make sure that your browser has cookies enabled. After doing that restart your browser and then try to login. This should fix the issue for most folks.

how to clear cookies from browser

Step-2: Deactivate All Plugins Installed in Your WordPress Site

Sometimes WordPress plugins can cause this issue specially if there is a conflict between two plugins. To deactivate all your WordPress plugins, connect to your web hosting using an FTP client. Rename /wp-content/plugins/ directory to plugins_backup. This will deactivate all WordPress plugins installed on your website. We also have a detailed tutorial on how to deactivate all WordPress plugins when unable to access WP-Admin. Once you have deactivated all plugins, try to logging in to your WordPress site. If you succeed, then this means that one of your plugins was causing the issue.

Step-3: Revert Back to the Default Theme

WordPress themes can also cause conflicts after upgrading to a newer version of WordPress or the theme itself. To find out whether the problem is being caused by your theme, you need to deactivate your theme. The process is similar to deactivating the plugins. Connect to your website using an FTP client. Go to /wp-content/themes/ directory and rename your current theme directory to anything. WordPress will look for your current theme and will fall back to the default theme. Once you have done that, then try logging in again. If you succeed, then this means your theme was causing the issue.

If you are already using the default theme as your current theme, then you can still rename it and try to login. If you are able to successfully login then this means that your default theme may have been corrupted. Download a fresh copy of the default theme from WordPress theme repository and upload it to your website.

Step-4: Delete .htaccess File

Sometimes .htaccess file can get corrupted which can result in internal server errors or login page refreshing error. Simply access your website through FTP. Backup the .htaccess file in your computer and then delete it from your website’s root directory. You may want to delete .htaccess file in wp-admin directory as well if it exist. Try logging in again. If you succeed, then this means that your .htaccess file were stopping you from logging into WordPress. Once you are logged in, simply go to Settings » Permalinks and click Save. This will generate a new .htaccess file.

Step-4: Update Your website site URL

In some cases defining the site URL seems to fix the issue. To do this, you need to login to your site using FTP and edit the wp-config.php file. Simply add these two lines of code in your wp-config.php file and don’t forget to replace the example.com with your own URL. Also if your site have www. then make sure you add that.

1 define('WP_HOME','http://example.com');
2 define('WP_SITEURL','http://example.com');

Save changes, and hopefully that will fix the login page refreshing issue.

We hope this article helped you resolve WordPress login page refreshing and redirecting issues.

October 17, 2019

How To Unblock Limit Login Attempts in WordPress

Limit Login Attempt may lock you out too, if you entered the wrong password a few times. In this article, we will show you how to unblock limit login attempts plugin in WordPress.

Delete via FTP or File Manager

The easiest solution for beginners is to delete Limit Login Attempts plugin using FTP and then re-install it later once you can login.

You need to login to your site via FTP and then go to /wp-content/plugins/.

=> Once you’re there, you can simply delete the limit-login-attempts plugin folder.

You can also do this using your web host’s cPanel File Manager.

=> Simply browse to /wp-content/plugins/ and delete the limit-login-attempts folder.

Limit WordPress Login MySQL Query via phpMyAdmin

unblock limit login attempts mysql query

For advanced users who are familiar with MySQL and phpMyAdmin, you can easily run the following SQL query, and it will clear all lockouts.

UPDATE wp_options SET option_value = '' WHERE option_name = 'limit_login_lockouts' LIMIT 1;

If you want to unblock your specific IP e.g. 111.222.111.222, then run a query like this:

UPDATE wp_options SET option_value = REPLACE(option_value, '111.222.111.222', '') WHERE option_name = 'limit_login_lockouts' LIMIT 1;

Make sure to update your IP address and also the database table prefix if you changed your database prefix.

We hope this article helped you unblock limit login attempts in WordPress.

You Might Also Like: How to Limit Access by IP in WordPress

October 17, 2019

How to Limit Access by IP in WordPress

As a security measure, we decided to limit access by IP to our wp-login.php file in WordPress. We already have our WP Admin directory on limited access by IP. In this article, we will show you how to limit access by IP to your wp-login.php file in WordPress.

Note: This tutorial is for advance user.

Open your main .htaccess file and put this code towards the top of the file before everything else.

<Files wp-login.php>
        order deny,allow
        Deny from all
# whitelist the following IP address
allow from xx.xxx.xx.xx
#whitelist Gainesvile IP Address
allow from xx.xxx.xx.xx
</Files>

Don’t forget to replace the IP addresses with your own. The only real downside to this is if you have dynamic IPs, then it can be a problem. Otherwise, this works like charm. Also, the wp-login.php styling breaks, but that is not a priority at this moment. We just wanted to prevent the failed login attempts.

You Might Also Like: Optimize Your WordPress Robots.txt for SEO