I have one problem with all my WordPress's sites. I can access in all and navigate in the posts, pages and other. But when I go to wp-login.php I view the form and put user and password.
And when I clicking access goes here:
Forbidden
You don't have permission to access /blog/wp-login.php on this server.
I have permissions in folder 755 and files 644, and I check all if i can, any help?
Thanks
The solution is to add this to the beginning of your .htaccess
<Files wp-login.php>
Order Deny,Allow
Deny from all
Allow from all
</Files>
It's because many hosts were under attack, using the wordpress from their clients.
As said previously add this
<Files wp-login.php>
Order Deny,Allow
Deny from all
Allow from all
</Files>
to the begining of your main .htaccess file and it will work
I had this same problem, and after temporarily deleting all my .htaccess files, then trying to modify them as suggested, and making sure all my files and folder permissions were set to 777, I still couldn't get it to work. I don't know why I couldn't access the file, but I was able to create a new file and access it no problem. So what I did was create a new file in /wp-admin/ called temp.php and pasted all the code from install.php into it. This allowed me to access the file. The only other thing I had to do was edit the code so that the form submitted to temp.php instead of install.php. After that, I could finish the install and everything worked.
<form id="setup" method="post" action="temp.php?step=2">
Make sure the following lines are not in your wp.config
define( 'FORCE_SSL_LOGIN', true );
define( 'FORCE_SSL_ADMIN', true );
define( 'DISALLOW_FILE_EDIT', true );
I got locked out after deactivating iThemes security plugin
I had a similar error, which was fixed by adding:
Options FollowSymLinks
... in the apps/[app-name]/conf/httpd-app.conf file. This is because, in my case, an .htaccess file wants to use rewrite rules, that are not allowed with FollowSymLinks AND SymLinksIfOwnerMatch turned off.
If your conf file already has a line with Options ..., you can just add FollowSymLinks to the list of options. You could end up with something like this:
Options Indexes MultiViews FollowSymLinks
Sometimes if you are using some simple login info like this: username: 'admin' and pass: 'admin', the hosting is seeing you as a potential Brute Force Attack through WP login file, and blocks you IP address or that particularly file.
I had that issue with ixwebhosting and just got that info from their support guy. They must unban your IP in this situation. And you must change your WP admin login info to something more secure.
That solved my problem.
This should work :
The instructions says that you add a separate .htaccess containing the lines above to the wp-admin folder - and leave the main .htaccess, in the root, alone.
if that don't help , you can try this:
copy the .htaccess file as is from the wp-admin and placed it in the root folder and bingo! It should work ! if you face new error after this let us know.
for reference you can look here as well:
http://wordpress.org/support/topic/you-dont-have-permission-to-access-blogwp-loginphp-on-this-server
Check using this:
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
If you are using the iThemes Security plugin (former Better WP security) please refer to the answer provided by Mikeys4u.
Also, there is a similar thread related to this plugin on the WordPress support: https://wordpress.org/support/topic/how-to-reset-ithemes-security-plugin-to-fix-issues
Make sure you backup your database before trying any of the solutions.
Change .htaccess file code by this code :
# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
# uploaded files
RewriteRule ^([_0-9a-zA-Z-]+/)?files/(.+) wp-includes/ms-files.php?file=$2 [L]
# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^[_0-9a-zA-Z-]+/(wp-(content|admin|includes).*) $1 [L]
RewriteRule ^[_0-9a-zA-Z-]+/(.*\.php)$ $1 [L]
RewriteRule . index.php [L]
# END WordPress
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 贼婆χ 的文章《Forbidden You don't have permission to access 》','https://www.manongdao.com/article-326772.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}