Fix “Sorry, you are not allowed to access this page”
Fix “Sorry, you are not allowed to access this page” in WordPress
If you see the message “Sorry, you are not allowed to access this page” when trying to access your WordPress admin dashboard or certain pages, it usually means your user permissions or site configuration are misconfigured. This error can block you from managing your site, but the fix is often straightforward.
Quick fix: Reset your user roles and capabilities or fix your site’s .htaccess or Nginx config to restore proper access.
Quick Fix
- Access your WordPress database via phpMyAdmin or a database client.
- Run this SQL query to reset your admin user capabilities (replace
1with your user ID if different):
DELETE FROM wp_usermeta WHERE user_id = 1 AND meta_key = 'wp_capabilities';
INSERT INTO wp_usermeta (user_id, meta_key, meta_value) VALUES (1, 'wp_capabilities', 'a:1:{s:13:"administrator";b:1;}');- Check your
.htaccess(Apache) or Nginx config for incorrect rules blocking access. - Clear your browser cache and cookies, then log in again.
Why This Happens
- Corrupted user roles or capabilities: Plugins or manual changes can accidentally remove or alter administrator capabilities, causing WordPress to block access.
- Incorrect file permissions or ownership: Server permissions that restrict access to key WordPress files can trigger this error.
- Misconfigured .htaccess or Nginx rules: Security rules or redirects may unintentionally block admin pages.
- Plugin or theme conflicts: Faulty or incompatible plugins/themes can interfere with user permissions.
- Database issues: Corrupted or missing database entries related to user roles.
Step-by-step Fix
1. Reset Administrator Capabilities via Database
Use phpMyAdmin or your preferred database tool to run these commands. Replace wp_ with your database prefix if different, and 1 with your admin user ID if needed.
DELETE FROM wp_usermeta WHERE user_id = 1 AND meta_key = 'wp_capabilities';
INSERT INTO wp_usermeta (user_id, meta_key, meta_value) VALUES (1, 'wp_capabilities', 'a:1:{s:13:"administrator";b:1;}');This removes any corrupted capabilities and restores administrator rights.
2. Check and Fix File Permissions
Connect to your server via SSH or FTP and run these commands to set correct permissions:
find /path/to/wordpress/ -type d -exec chmod 755 {} ;
find /path/to/wordpress/ -type f -exec chmod 644 {} ;Replace /path/to/wordpress/ with your actual WordPress root directory.
3. Verify .htaccess (Apache) or Nginx Configuration
For Apache: Check your .htaccess file in the WordPress root. It should contain the standard WordPress rules:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPressIf you have custom rules blocking access, comment them out or remove them temporarily.
For Nginx: Check your site configuration file, usually located in /etc/nginx/sites-available/. Ensure your location blocks allow access to /wp-admin and /wp-login.php. A minimal working example:
location /wp-admin/ {
try_files $uri $uri/ /index.php?$args;
}
location = /wp-login.php {
include fastcgi_params;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # adjust PHP version/socket
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}Reload Nginx after changes:
sudo nginx -t
sudo systemctl reload nginx4. Disable All Plugins Temporarily
If the problem persists, disable plugins by renaming the plugins folder via FTP or SSH:
mv /path/to/wordpress/wp-content/plugins /path/to/wordpress/wp-content/plugins-disabledTry accessing the admin again. If successful, rename the folder back and reactivate plugins one by one to find the culprit.
5. Switch to Default Theme
Rename your active theme folder to force WordPress to use a default theme like Twenty Twenty-One:
mv /path/to/wordpress/wp-content/themes/your-active-theme /path/to/wordpress/wp-content/themes/your-active-theme-disabledCheck if access is restored.
Works on
| Environment | Notes |
|---|---|
| Apache | Fixes .htaccess and permissions issues |
| Nginx | Fixes server config for admin access |
| cPanel | Access phpMyAdmin, file manager, and terminal for fixes |
| Plesk | Use database manager and file manager for troubleshooting |
| LiteSpeed | Similar to Apache, check .htaccess and permissions |
FAQ
Q1: I can’t access phpMyAdmin. How else can I reset user capabilities?
If you have SSH access, you can use WP-CLI commands:
wp user set-role 1 administratorThis sets user ID 1 to administrator.
Q2: Could a plugin cause this error?
Yes. Plugins that modify user roles or security plugins can cause permission issues. Disable plugins temporarily to test.