Close
web-bsk-eror jarang diupdate

Can login as a wordpress administrator but can’t access the wp-admin back-end

Today I found a strange case on wordpress https://bsk. telkomuniversity .ac.id

User ordinary administrators can’t access wp-admin, even though they can login.

Troubleshooting is done:

Still inaccessible.

Check that the user access rights in phpmyadmin are correct, they still have access as Administrator

It can only be like this, the toolbar is detected already logged in, but there is no back-end menu
usually this is because the user does not have any “role”

But checked in wp_user and wp_metauser everything is normal, has access previously asadministrator

Finally curious to try to compare with other wordpress databases, and just found out there is empty data in the wp_options section of the wp_user_roles table and because they are identical, just copy and paste the contents

a:5:{s:13:"administrator";a:2:{s:4:"name";s:13:"Administrator";s:12:"capabilities";a:102:{s:13:"switch_themes";b:1;s:11:"edit_themes";b:1;s:16:"activate_plugins";b:1;s:12:"edit_plugins";b:1;s:10:"edit_users";b:1;s:10:"edit_files";b:1;s:14:"manage_options";b:1;s:17:"moderate_comments";b:1;s:17:"manage_categories";b:1;s:12:"manage_links";b:1;s:12:"upload_files";b:1;s:6:"import";b:1;s:15:"unfiltered_html";b:1;s:10:"edit_posts";b:1;s:17:"edit_others_posts";b:1;s:20:"edit_published_posts";b:1;s:13:"publish_posts";b:1;s:10:"edit_pages";b:1;s:4:"read";b:1;s:8:"level_10";b:1;s:7:"level_9";b:1;s:7:"level_8";b:1;s:7:"level_7";b:1;s:7:"level_6";b:1;s:7:"level_5";b:1;s:7:"level_4";b:1;s:7:"level_3";b:1;s:7:"level_2";b:1;s:7:"level_1";b:1;s:7:"level_0";b:1;s:17:"edit_others_pages";b:1;s:20:"edit_published_pages";b:1;s:13:"publish_pages";b:1;s:12:"delete_pages";b:1;s:19:"delete_others_pages";b:1;s:22:"delete_published_pages";b:1;s:12:"delete_posts";b:1;s:19:"delete_others_posts";b:1;s:22:"delete_published_posts";b:1;s:20:"delete_private_posts";b:1;s:18:"edit_private_posts";b:1;s:18:"read_private_posts";b:1;s:20:"delete_private_pages";b:1;s:18:"edit_private_pages";b:1;s:18:"read_private_pages";b:1;s:12:"delete_users";b:1;s:12:"create_users";b:1;s:17:"unfiltered_upload";b:1;s:14:"edit_dashboard";b:1;s:14:"update_plugins";b:1;s:14:"delete_plugins";b:1;s:15:"install_plugins";b:1;s:13:"update_themes";b:1;s:14:"install_themes";b:1;s:11:"update_core";b:1;s:10:"list_users";b:1;s:12:"remove_users";b:1;s:13:"promote_users";b:1;s:18:"edit_theme_options";b:1;s:13:"delete_themes";b:1;s:6:"export";b:1;s:12:"wpsqt-manage";b:1;s:11:"edit_blocks";b:1;s:18:"edit_others_blocks";b:1;s:14:"publish_blocks";b:1;s:19:"read_private_blocks";b:1;s:11:"read_blocks";b:1;s:13:"delete_blocks";b:1;s:21:"delete_private_blocks";b:1;s:23:"delete_published_blocks";b:1;s:20:"delete_others_blocks";b:1;s:19:"edit_private_blocks";b:1;s:21:"edit_published_blocks";b:1;s:13:"create_blocks";b:1;s:22:"beehive_view_analytics";b:1;s:22:"manage_snapshots_items";b:1;s:29:"manage_snapshots_destinations";b:1;s:25:"manage_snapshots_settings";b:1;s:23:"manage_snapshots_import";b:1;s:11:"hustle_menu";b:1;s:18:"hustle_edit_module";b:1;s:13:"hustle_create";b:1;s:24:"hustle_edit_integrations";b:1;s:20:"hustle_access_emails";b:1;s:20:"hustle_edit_settings";b:1;s:34:"wpml_manage_translation_management";b:1;s:21:"wpml_manage_languages";b:1;s:41:"wpml_manage_theme_and_plugin_localization";b:1;s:19:"wpml_manage_support";b:1;s:36:"wpml_manage_woocommerce_multilingual";b:1;s:37:"wpml_operate_woocommerce_multilingual";b:1;s:29:"wpml_manage_media_translation";b:1;s:22:"wpml_manage_navigation";b:1;s:24:"wpml_manage_sticky_links";b:1;s:30:"wpml_manage_string_translation";b:1;s:33:"wpml_manage_translation_analytics";b:1;s:25:"wpml_manage_wp_menus_sync";b:1;s:32:"wpml_manage_taxonomy_translation";b:1;s:27:"wpml_manage_troubleshooting";b:1;s:31:"wpml_manage_translation_options";b:1;s:23:"beehive_manage_settings";b:1;s:16:"hustle_analytics";b:1;}}s:6:"editor";a:2:{s:4:"name";s:6:"Editor";s:12:"capabilities";a:47:{s:17:"moderate_comments";b:1;s:17:"manage_categories";b:1;s:12:"manage_links";b:1;s:12:"upload_files";b:1;s:15:"unfiltered_html";b:1;s:10:"edit_posts";b:1;s:17:"edit_others_posts";b:1;s:20:"edit_published_posts";b:1;s:13:"publish_posts";b:1;s:10:"edit_pages";b:1;s:4:"read";b:1;s:7:"level_7";b:1;s:7:"level_6";b:1;s:7:"level_5";b:1;s:7:"level_4";b:1;s:7:"level_3";b:1;s:7:"level_2";b:1;s:7:"level_1";b:1;s:7:"level_0";b:1;s:17:"edit_others_pages";b:1;s:20:"edit_published_pages";b:1;s:13:"publish_pages";b:1;s:12:"delete_pages";b:1;s:19:"delete_others_pages";b:1;s:22:"delete_published_pages";b:1;s:12:"delete_posts";b:1;s:19:"delete_others_posts";b:1;s:22:"delete_published_posts";b:1;s:20:"delete_private_posts";b:1;s:18:"edit_private_posts";b:1;s:18:"read_private_posts";b:1;s:20:"delete_private_pages";b:1;s:18:"edit_private_pages";b:1;s:18:"read_private_pages";b:1;s:14:"chained_manage";b:1;s:11:"edit_blocks";b:1;s:18:"edit_others_blocks";b:1;s:14:"publish_blocks";b:1;s:19:"read_private_blocks";b:1;s:11:"read_blocks";b:1;s:13:"delete_blocks";b:1;s:21:"delete_private_blocks";b:1;s:23:"delete_published_blocks";b:1;s:20:"delete_others_blocks";b:1;s:19:"edit_private_blocks";b:1;s:21:"edit_published_blocks";b:1;s:13:"create_blocks";b:1;}}s:6:"author";a:2:{s:4:"name";s:6:"Author";s:12:"capabilities";a:17:{s:12:"upload_files";b:1;s:10:"edit_posts";b:1;s:20:"edit_published_posts";b:1;s:13:"publish_posts";b:1;s:4:"read";b:1;s:7:"level_2";b:1;s:7:"level_1";b:1;s:7:"level_0";b:1;s:12:"delete_posts";b:1;s:22:"delete_published_posts";b:1;s:11:"edit_blocks";b:1;s:14:"publish_blocks";b:1;s:11:"read_blocks";b:1;s:13:"delete_blocks";b:1;s:23:"delete_published_blocks";b:1;s:21:"edit_published_blocks";b:1;s:13:"create_blocks";b:1;}}s:11:"contributor";a:2:{s:4:"name";s:11:"Contributor";s:12:"capabilities";a:6:{s:10:"edit_posts";b:1;s:4:"read";b:1;s:7:"level_1";b:1;s:7:"level_0";b:1;s:12:"delete_posts";b:1;s:11:"read_blocks";b:1;}}s:10:"subscriber";a:2:{s:4:"name";s:10:"Subscriber";s:12:"capabilities";a:2:{s:4:"read";b:1;s:7:"level_0";b:1;}}}

Then try logging in again, Alhamdulillah , it’s back to normal right away

All back-end menus reappear, and it is immediately apparent that the web is rarely maintained, because there are so many things that need to be updated

It could be that the contents of the wp_user_roles table are missing because there is a sql injection activity from the wp/plugin/ themes security hole that was not updated

Therefore, dear Website Operator , be diligent in looking at the wordpress website, updating it, scanning for malware, and adding content..

This post is also available in: Indonesian

Silakan berikan komentar, pertanyaan, maupun sanggahan. InsyaAllah dibalas secepatnya.

© Just Shared on Tel-U | WordPress Theme: Annina Free by CrestaProject.
%d bloggers like this: