Avete mai dimenticato le chiavi di casa e vi siete sentiti bloccati fuori? Bloccare il vostro sito web WordPress può essere molto simile. È molto frustrante, soprattutto se gli hacker hanno eliminato il vostro account di amministratore. Ma non preoccupatevi, potete rientrare.
Pensate al vostro sito web come a una casa con una porta segreta sul retro. La porta sul retro è il database del sito web, al quale si accede di solito tramite il codice MySQL. Ora, potrebbe sembrare complicato, ma è come una serie di istruzioni che potete usare per apportare modifiche al vostro sito web dietro le quinte.
In questo articolo vi insegneremo a usare MySQL per creare un account di amministrazione nuovo di zecca per il vostro sito web, proprio come una nuova chiave per la vostra casa. In questo modo, potrete bloccare gli hacker e riprendere il controllo.
Perché aggiungere un utente amministratore al database di WordPress tramite MySQL?
Una volta ci siamo imbattuti in un problema in cui il sito di un utente è stato violato e il suo account di amministratore è stato cancellato dal database. Questo li ha bloccati dal loro sito WordPress.
Siamo riusciti ad aiutarli ad accedere al loro sito web creando un nuovo utente amministratore direttamente sul sito WordPress. Lo abbiamo fatto utilizzando phpMyAdmin, uno strumento basato sul web che consente di gestire i database MySQL utilizzando il browser web.
Se vi trovate bloccati fuori dall’area di amministrazione di WordPress a causa di hacker o semplicemente perché avete dimenticato la password, potete fare lo stesso.
Tuttavia, dovreste sempre eseguire un backup del database prima di eseguire qualsiasi modifica a MySQL. Poi, una volta che potrete accedere nuovamente al vostro sito web, dovrete seguire la nostra guida per principianti per riparare il vostro sito WordPress violato.
Detto questo, vediamo come aggiungere un utente amministratore al database di WordPress tramite MySQL.
Aggiungere un utente amministratore al database di WordPress con phpMyAdmin
phpMyAdmin è preinstallato nella maggior parte delle aziende di hosting WordPress. È possibile trovarlo nella sezione Database della dashboard del cPanel del vostro account di hosting.
Ecco uno screenshot del pannello di controllo di Bluehost:
Facendo clic sull’icona si aprirà l’interfaccia di phpMyAdmin. È necessario selezionare il database di WordPress dalla colonna di sinistra.
Successivamente, phpMyAdmin visualizzerà tutte le tabelle del database di WordPress. Verranno apportate modifiche alle tabelle wp_users e wp_usermeta.
Aggiunta di un utente alla tabella wp_users
Per prima cosa, è necessario trovare la tabella wp_users e fare clic su di essa. Questo mostrerà gli utenti attualmente elencati nella tabella.
Nella schermata sottostante si nota che nella tabella del nostro sito web dimostrativo sono presenti due ID utente, 1 e 2. Quando creiamo un nuovo utente per il nostro sito dimostrativo, questo ID deve essere unico, quindi digiteremo il numero 3.
È necessario fare clic sulla scheda “Inserisci” nella parte superiore della schermata per inserire le informazioni di un nuovo utente amministratore.
Aggiungere le seguenti informazioni ai campi del modulo Inserisci:
ID: scegliere un numero univoco (nel nostro esempio, utilizzeremo 3)user_login: il nome utente che verrà utilizzato per il loginuser_pass: aggiungere una password e assicurarsi di selezionare MD5 nel menu delle funzioni (vedere lo screenshot qui sotto).nome_utente: nome completo o nickname dell’utenteuser_email: l’indirizzo e-mail dell’utenteuser_url: l’indirizzo del vostro sito webuser_registered: seleziona la data e l’ora in cui l’utente è stato registrato utilizzando il calendariochiave_di_attivazione_utente: lasciare vuotouser_status: impostare questo valore a 0display_name: il nome completo dell’utente o il suo nome visualizzato.
Al termine, fare clic sul pulsante “Vai” per memorizzare il nuovo utente.
Aggiunta di un utente alla tabella wp_usermeta
Ora è necessario trovare la tabella wp_usermeta e fare clic su di essa. Dopodiché, si deve fare clic sulla scheda ‘Inserisci’, come si è fatto nel passaggio precedente.
Successivamente, è necessario aggiungere le seguenti informazioni al modulo Inserisci:
unmeta_id: lasciare vuoto (sarà generato automaticamente)user_id: l’ID utente utilizzato nel passaggio precedentemeta_key: dovrebbe esserewp_capabilitiesmeta_value: insert this:a:1:{s:13: "administrator";s:1: "1";}
Successivamente, scorrendo verso il basso, si dovrebbero trovare i campi per una seconda riga. È necessario aggiungere le seguenti informazioni:
unmeta_id: lasciare vuoto (sarà generato automaticamente)user_id: l’ID utente utilizzato nei passaggi precedentimeta_key: è necessario inserirewp_user_levelmeta_valore: 10
Una volta terminato di inserire le informazioni nei campi, è necessario fare clic sul pulsante “Vai”. Congratulazioni, avete creato un nuovo nome utente amministratore!
Ora, dovreste essere in grado di accedere all’area di amministrazione di WordPress utilizzando il nome utente e la password specificati per questo utente.
Appena effettuato l’accesso, è necessario andare su Utenti ” Tutti gli utenti, quindi fare clic sul nome utente appena creato.
Ora, senza modificare nulla, scorrere fino alla fine della pagina e fare clic sul pulsante “Salva”.
Ciò consentirà a WordPress di ripulire l’utente appena creato e di aggiungere alcune informazioni extra necessarie.
Aggiunta di un utente amministratore al database di WordPress mediante una query SQL
Se siete uno sviluppatore, potete accelerare il processo utilizzando il codice.
È sufficiente inserire questa query SQL nel database:
INSERT INTO `databasename`.`wp_users` (`ID`, `user_login`, `user_pass`, `user_nicename`, `user_email`, `user_url`, `user_registered`, `user_activation_key`, `user_status`, `display_name`) VALUES ('3', 'demo', MD5('demo'), 'Your Name', 'test@example.com', 'http://www.example.com/', '2022-09-01 00:00:00', '', '0', 'Your Name');
INSERT INTO `databasename`.`wp_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, '3', 'wp_capabilities', 'a:1:{s:13:"administrator";s:1:"1";}');
INSERT INTO `databasename`.`wp_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, '3', 'wp_user_level', '10');
Assicurarsi di cambiare ‘databasename’ con il database con cui si sta lavorando.
Inoltre, non dimenticate di cambiare gli altri valori con quelli desiderati per il nuovo utente, come abbiamo spiegato nel primo metodo.
Guide di esperti su cosa fare quando si è bloccati fuori dall’amministrazione di WordPress
Ora che sapete come aggiungere un utente amministratore tramite MySQL, potreste voler vedere alcuni articoli su come sistemare il vostro sito web quando siete bloccati dall’area di amministrazione di WordPress.
- Cosa fare quando si è bloccati fuori dall’amministrazione di WordPress (wp-admin)
- Come utilizzare la modalità di ripristino di WordPress
- Come resettare la password di WordPress da phpMyAdmin
- Come sbloccare il limite dei tentativi di accesso in WordPress
- Come disattivare tutti i plugin quando non si può accedere a WP-Admin
- Come risolvere la schermata bianca della morte di WordPress (passo dopo passo)
- Come risolvere l’errore critico in WordPress (passo dopo passo)
- Come risolvere il problema di aggiornamento e reindirizzamento della pagina di login di WordPress
- Come risolvere l’errore di stabilire una connessione al database in WordPress
- Come risolvere facilmente l’errore “This Site Can’t Be Reached” (Questo sito non può essere raggiunto) in WordPress
Speriamo che questo tutorial vi abbia aiutato a capire come aggiungere un utente amministratore al database di WordPress tramite MySQL. Potreste anche voler consultare la nostra guida definitiva alla sicurezza di WordPress o il nostro elenco di errori comuni di WordPress e come risolverli.
Se questo articolo vi è piaciuto, iscrivetevi al nostro canale YouTube per le esercitazioni video su WordPress. Potete trovarci anche su Twitter e Facebook.
Syed Balkhi says
Hey WPBeginner readers,
Did you know you can win exciting prizes by commenting on WPBeginner?
Every month, our top blog commenters will win HUGE rewards, including premium WordPress plugin licenses and cash prizes.
You can get more details about the contest from here.
Start sharing your thoughts below to stand a chance to win!
Kris says
I wanted to delete all spam emails registered in my site. I went to myPhpAdmin and deleted all including mine (without knowing). I searched the web ‘til I landed at this page.
Good Job! It worked!
Donato says
Not sure where I went wrong but I get this when trying to login: You do not have sufficient permissions to access this page.
redhad says
Hello Donato,
Change the “wp_” prefix of “wp_capabilities” and “wp_user_level” to whatever prefix you have set. Example, if you changed your wordpress prefix as “mysite_” then the insert command should be:
INSERT INTO `databasename`.`mysite_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, ‘4’, ‘mysite_capabilities’, ‘a:1:{s:13:”administrator”;s:1:”1″;}’);
INSERT INTO `databasename`.`mysite_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, ‘4’, ‘mysite_user_level’, ’10’);
Chetan Dhiman says
Thanks a lot! It helped me a lot !!!
nishad says
Really great help, I solved my admin access error. Thanks.
Rupert says
Great post – quick not – wp_capabilities and wp_user_level need to match the prefix in the DB…
Lou Storiale says
Thank you for this… very easy to follow! I never would have intuitively thought I would have to add two record in the same table. Thank you again.
WordPress add admin record… I never thought I would have gotten this done in 5 minutes.
Allison Wong says
Thank you! I love when things work! I went through the instructions as stated above and everything worked out. Just a tip – if you changed the prefix of your database tables from wp_ to something else, make sure to replace it in the code above.
Houston says
Thanks, Dasha! You’re a life saver! Was stumped until I saw I needed to also change the DB prefix for ‘wp_capabilities’ and ‘wp_user_level’!
Casey Friday says
This has helped me multiple times, when other developers send me sites to work on without making me an admin account. Thanks!
Ruben says
Hi, thanks for the clear tips. It nearly worked – but had to change a:1:{s:13:”administrator”;s:1:”1″;} with a:1:{s:13:”administrator”;s:1:”1″;} – looks the same, just replace all the quotes (which are curly quotes) with normal quotes. Or don’t be lazy andwrite it instead of cut and paste. Otherwise the new user I created didn’t have admin access. Phew that was difficult,
Reena says
omg.. what a life saver. Just a tip you need to update the wp_capabilities meta_key value to ‘a:1:{s:13:”administrator”;b:1;}’. And for some reason it still didn’t allow me to login. So then I just typed in the new username I created and clicked on forgot password. WP sent me a password reset link and all was well.
captain says
how can i add multiple images into wp_usermeta.
Jamie says
I was able to gain access with the original process but now my dashboard is blank. Any ideas on what I need to do? thanks
Nathan Swartz says
As of today you also have to add another entry (and probably not the wp_user_level, not sure about that though), wp_capabilities with a value of a:1:{s:13:”administrator”;b:1;}
Erik says
You’ve got a small bug. you’ll need to update the wp_capabilities meta_key value to ‘a:1:{s:13:”administrator”;b:1;}’ for this to work correctly, otherwise great article
Gabriel Luethje says
Yep, I got locked out until I figured this one out.
Daniel Duckworth says
Thanks Erik!
mitzi says
Thank you! To both the original author and you for the fix. Saving my bacon right now…
Keenan Flogerzi says
Agreed.
Might be a good idea to post those types of things using code formatting, instead of just regular text.
Dasha says
Thank you for the tutorial – very useful. However, it would be handy if there was a note that ‘wp_capabilities’ and ‘wp_user_level’ use default database prefix, i.e. ‘wp_’. If a site uses a custom DB prefix that it should be used in those strings instead.
Houston says
Thanks, Dasha! You saved me!
Juan says
After finding your sollution i tweaked it a bit you can actually do everything in 2 queries without having to remember the id you create.
Both queries have to be executed in the same action (so the same SQL input box).
INSERT INTO `wp_users` (`ID`, `user_login`, `user_pass`, `user_nicename`, `user_email`, `user_url`, `user_registered`, `user_activation_key`, `user_status`, `display_name`)
VALUES
(NULL , ‘username’, MD5(‘password’), ‘User Name’, ‘email@domain.ext’, ”, NOW(), ”, ‘0’, ‘User Name’);
INSERT INTO `wp_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`)
VALUES
(NULL, LAST_INSERT_ID(), ‘wp_capabilities’, ‘a:1:{s:13:”administrator”;s:1:”1″;}’),
(NULL, LAST_INSERT_ID(), ‘wp_user_level’, ’10’);
Sara says
This worked perfectly! Thanks Juan!
codeshark says
This works perfectly and is so much easier than inserting everything manually. Juan, thank you and well done sir.
Jim says
I followed the instructions but keep getting an “invalid username” error when trying to login.
I’ve created 3 different users but still continue getting this error.
AndreaCavallieri says
I have the same problem. How can we solve?
Clare says
So glad I found this. Worked like a dream once I got the correct brackets and the right code for the version of WP that was installed
ReeZh says
It works! running this tuts saving my time. Thanks a lot Mr. Syed.
aleo monts says
GREAT Thanks!
elad says
thanks mate, worked like a charm.
Robin Jennings says
Worked a treat. Nice and simple tutorial- much appreciated.
XYZ says
Thank you very much…it worked.
Abdul Aziz says
not working , i don’t no what mistake i have made…
it’s showing this error
“”” You do not have sufficient permissions to access this page. “”
Steve Della-Valentina says
It seems like the latest version of WordPress has tweaked their meta keys and values to:
dqf_capabilities -> a:1:{s:13:”administrator”;b:1;}
dqf_user_level -> 10
I saw the insufficient permissions prompt before noticing this, then changing the keys and values fixed it!
Alvise says
Hi tried but I always get the same warning : You don’t have permissions……
What can I do??
Thanks!
Andy says
it’s the quotes. Curly quotes are not the same in your DB. Paste that line into your DB, then delete the quotes you pasted in and type new ones.
mbd says
this is solution.. thanks
Ginette says
Was ok one day and then the next – lost my admin access. Thanks for this – saved me a heap of frustration. Plus I’ve learnt some sql to boot!
Cheers!
Joe Hana says
Thanks for this post. Just helped me to save some time. Works great.
Raspal says
Hello,
I had a blog hosted at web host A and moved to another webhost recently. I don’t have the account with web host A any longer but have the full backup of the WP blog on my computer. I restored the backup to this new webhost B and the database as well. The blog is accessible fine. But I’m not able to login to wp-admin using any of the three admin user logins I have in the database. I checked the database from phymyadmin and all the three users are there fine.
I also tried to change passwords of these users. I get the link to change the password, but when I try to login to wp-admin using the new password, even then I get the same WP login screen without any error shown.
I also tried the method you gave above, to create a new user. I did as per all the steps and also tried what the commenters have suggested, but still I’m not able to login.
I tried deleting all the tables for this blog and then again imported the database. Doing this and trying to logging in just gives a message that the database needs to be updated before I can login. So, clicking the yes, I again get the login screen and the above process repeats – getting the same WP login screen with no error.
Note that I’m using the WP Better Security plugin and even tried deleting the plugin using FTP, but the same thing, still.
Can you tell me what can be done in this situation and where am I going wrong? Please help.
Thank you.
Kind Regards,
Raspal
WPBeginner Support says
Please check your wp-config.php file make sure that it has your new database name, username, and host information. Delete .htaccess file from the root of your site. Rename plugins directory in your /wp-content/ folder. This will deactivate all your plugins. Lastly, in phpmyadmin go to wp_options table and look for homeurl and siteurl options make sure they are pointing to your domain name. Report back if none of these steps resolve your issue.
Admin
Raspal says
Thanks for the help. I re-checked everything you mentioned above and all those things were perfect. After 2 days of fiddling, it striked me that I hadn’t tried clearing Chrome’s cache and cookies, silly me! This simple thing solved the problems which wasted my two days’ time. Sorry to have wasted your and others’ time too who read this.
Anyway, everyone make sure to clear your cookies and cache every few days, Cookies and cache are responsible for really wierd problems. I don’t know about others but I like to keep my cookies for ages because they contain passwords to many (not-so-important but regular) sites I visit. And I take it for granted that cookies aren’t the culprit. Turned out to be wrong! Now, I have sent myself a reminder which tells me to clear the cookies and cache from all my browsers.
Thanks again for the help. At least the options you mentioned, I will surely remember if something like this happens again. And I also learnt how to use phpmyadmin to create and even edit WP users.
And in the process, I saw a table called lockdowns. This is created by WP Better Security plugin and I now know that I can clear this table or change the values if I am locked out of the login screen for bad logins. Thanks Syed and editorial staff!
Kind Regards,
Raspal
Colin Steinmann says
There is a very slight (but critical) typo in your tutorial:
a:1:{s:13:”administrator”;s:1:”1″;} <—-this is not correct by a single character
a:1:{s:13:"administrator";s:1:"1";} <—-this is correct, the final ″ should be a "
The two characters look almost exactly the same, but they are slightly different.
Julio says
This was very helpful. I was getting a “not enough access” error. After this tweak, we’re all set.
Alex says
Thank you very much! That was the solution to make this tutorial work nice!!!
Tiago says
Nice, it works!
Just chanced the a:1:{s:13:”administrator”;b:1;} for the equivalent already listed in wp-capabilities and worked fine to me.
Lane says
I’ve followed all these steps, but it doesn’t appear my new user I created has been given admin role. When I log in to WordPress with the username and password I just created all I am able to see is the “Profiles” tab of the dashboard. Obviously I am missing a step along the way, but I have created two new users following this and it’s happened both time. Does anyone know what I may be doing wrong?
Haseeb Ahmad Ayazi says
Can I use this Same Procedure for Multisite…????
Haseeb Ahmad Ayazi says
Didn”t work… I am unable to login in my multisite network. Please Help me
Hope Corizzo says
Wow. Many thanks! php always freaks me out, and I was able to follow this very well. I appreciate it.
Editorial Staff says
Glad it worked out
Admin
alan says
This don’t work tried loads of times and still cannot log in.
(unmeta_id – leave this blank (it will be auto-generated)
user_id – this will be the id of the user you created in the previous step. Remember we picked 4.
meta_key – this should be wp_capabilities
meta_value – insert this: a:1:{s:13:”administrator”;s:1:”1″;}
Insert another row with the following information:
unmeta_id – leave this blank (it will be auto-generated)
user_id – this will be the id of the user you created in the previous step. Remember we picked 4.
meta_key – this should be wp_user_level
meta_value – 10 )
this part is where i think i am going wrong , i can see user created but it does not log in
Kristian Lander says
a useful guide, to an issue i found of a hacker who deleted the admin alos. however upon inserting a new admin. i get the error message of INSERT command denied to user “database name” @hosting for table “wp_users”
any ideas?
Anthony says
Thanks, this works a treat. I just copied your SQL and ping! I used MySQL Bench not phpmyadmin.
Oscar Rottink says
Maybe a weird question, but I followed the steps and can’t login. Also watched for the brackets etc.
So I tried ‘forgot password’ and entered my e-mail which is also in the wp_users table. But it says no user is registered with that e-mail.
Anyone a clue what I missed?
Oscar Rottink says
OMG sorry. My fault. I didn’t changed the base URL in the database so my local copy (and login) were pointing at the original site. Feeling stupid.
Adam says
If you copied the code a:1:{s:13:”administrator”;b:1;} from this blog, it is possible that you got curly quotes instead of regular quotes, which will not work.
Gleb says
Man, thanks! Easiest things get easily forgotten
You saved me digging through the database for answers..
Jasper Frumau says
Thanks for that tip. Now it does work fine and dandy.
Albert A. Ninyeh says
There was a problem with the wp_capabilities valve you gave and the problem was with the quotes. the correct one is: wp_capabilities should be a:1:{s:13:”administrator”;s:1:”1″;}
Anyone who wants to solve this problem should copy it exactly as it appears.
George says
I by accident logged in before adding the “usermeta” info. It of course read “You do not have sufficient permissions to access this page.” Even after I added the usermeta info I get the same thing.
Any thoughts on this?
Editorial Staff says
Check to see if the prefix is the same as your main database prefix. We are assuming that the user is using the default wp_ prefix. If your database prefix is something else, then it wouldn’t work.
Admin
Nat says
I’ve tried everything and I still keep getting “You do not have sufficient permissions to access this page.” Any ideas on why this might be happening? Thanks.
David Abramson says
I was getting the same error message and I think the problem comes from the check box in the second row that says “ignore”. It was checked by default for me and I got it to work once I unchecked that box.
JasonC says
Thank you so much this finally allowed me to get into my site. I tried every possible option to reset the admin password but nothing would work. I created the new account and logged in as administrator and was then able to export my work. Thanks again!
Vic Dinovici says
Hi, great article, thanks! Have a different issue though, my entire wp_users table got deleted and I don’t know how to create a wp_users table using phpMyAdmin. Can anyone help? Thanks!
Editorial Staff says
Did you try repairing your database using the WordPress repair tool? Maybe that adds it back. Otherwise, you are better off reinstalling WordPress. For future, keep good backups.
Admin
Vic Dinovici says
using the repairing DB WordPress tool won’t create the wp_users table. What I did is deleting the unused tables from the old one, lowering it’s size and uploading it again. It worked. Thanks.
sibz says
After attempting to log in it sais..
You do not have sufficient permissions to access this page
why did this happen?
Thanks
Editorial Staff says
This happens if your user permissions level aren’t correct. Can you make sure that the permission level is the same as the other admin user in your phpMyAdmin
Admin
Sibz says
I have applied same user level as 10.
But still does not work
Can my developer have any access to my
Cpanel if she doesnt have my ftp or cpanel
Log in details?
I see in phpmyadmin she is listed as admin.
Its all so confusing especially when im new to all
Of this!
Chris Cox says
Guide is out of date. The correct string for wp_capabilities is now:
a:1:{s:13:”administrator”;s:1:”1″;}
Editorial Staff says
Updated the guide.
Aman Yadav says
Thanks it worked perfectly for me
John says
Thank you. You just saved my arse!!
nimbleswitch says
I echo Ravi’s suggestion to copy the meta value from another admin. In my case “wp_capabilities” was actually databaseName-“_capabilities” and my admin level looked like this: a:2:{s:13:”administrator”;s:1:”1″;s:17:”gform_full_access”;s:1:”1″;}
Thanks for the great article. Saved my day.
Iryna says
Copying of the wp_capabiblities-value from another admin helped me to. In my case the value was a:1:{s:13:”administrator”;s:1:”1″;}. Until this change I had recieved: “You do not have sufficient permissions to access this page.”
ravidreams says
Thanks for the useful article.
a:1:{s:13:”administrator”;b:1;} didn’t work for me. I had to copy the meta value from another admin user and then it worked.
michoscopic says
For those who encounter “You do not have sufficient permissions to access this page.”, replace “wp_capabilities” with your full wordpress table name, e.g. if your usermeta tables are called wp_yourtableusermeta (as opposed to wp_usermeta in this tutorial), then you need to use wp_yourtablecapabilities instead. Same goes for wp_user_level, change it to wp_yourtableuser_level. Hope this helps.
MohitBumb says
You do not have sufficient permissions to access this page.
mr.minhkhang says
In my opinion tampering with MySQL should not be on wp’beginner’, messing around with the database is simply not a beginner thing.
I don’t know when this was posted, but the time when WordPress used MD5 has long gone. This article should be updated to use wp_hash_password instead.
Tiago says
One day you need to begin to mess around with not so beginner things.. lols
annedreshfield says
Hi guys, Anne here, community manager intern at Livefyre. Welcome! Just wanted to drop in and say that everyone here loves this blog; it’s full to the brim with fantastic information. Can’t wait to read more!
blainesch says
I was pretty sure the password was md5 but also using a salt stored in the config file it creates.
Kosta Welissariou says
Hi,
I hope to get some help here. My blog was hacked with some base64 stuff. I can solve 99% of all the problems but I have 2 Admins in my wp Backend that need to be removed from mysql table before I can take other actions
Sorry, no clue how to track the adin in the table and remove them
WP latest
Access to the mysql database
tks
Kosta
Editorial Staff says
Look in the wp_users table. Delete the users that you don’t want.
Admin
phil says
If it was salted, just follow the steps, add a real email and have it send you a password reset. Boom.
hope that helped.