Home Blog WordPress Management How to access the activity logs when you can’t login to WordPress

How to access activity logs to troubleshoot the issue

How to access the activity logs when you can’t login to WordPress

Not being able to log in to WordPress is perhaps one of the more frustrating issues – after all, how do you even start to troubleshoot if you can’t even log in? Fortunately, there are ways and means to start the troubleshooting process without ever logging into WordPress. This is what we will be discussing throughout the article.
Start with the logs

Start with the logs

A WordPress website’s activity logs are the screwdriver of the administrator’s toolbox – easy to forget or overlook, but equally essential to completing administrative tasks. They provide a worded movie of everything that goes on in your WordPress. And just like movies, they contain clues and hints as to who the real culprit is – something that’s very helpful when troubleshooting problems such as login issues.

How to access Activity Logs

Usually, accessing activity logs is very easy – all you need to do is click on WP Activity Logs from the back-end left-hand menu, and voila, you’re there. If you are unable to log in, however, accessing the logs might not be as straightforward.

There are essentially two ways you can go about accessing the logs without logging in. The method you’ll choose will ultimately depend on your plan and the plugin’s configuration.

The premium plan offers many functions that are not available with the free plan, including mirroring activity logs to a third party log management services such as Loggly, AWS CloudWatch and others. If you have this configured, you can simply head over to your 3rd party console, and the logs will be there.

If you’re on the free plan or have not configured log mirroring, do not panic, as you can still access the logs. However, keep in mind that this method requires some technical expertise, primarily in WordPress folder/file structures and MySQL. The rest of the article will explain how the process works.

Understanding how WordPress stores data

WordPress stores data in one of two locations – the MySQL database and the files and folders on the web server. Generally speaking, posts, media, plugins, and configurations go in files and folders while everything else goes in the MySQL database. To this end, we will find our activity log entries in the MySQL database.

We can access the MySQL database in one of two ways, depending on your web server configuration. The easiest, or perhaps the most user-friendly way, is through phpMyAdmin since this offers a graphical user interface through which we can view the databases on the server. If your web server does not have phpMyAdmin installed, and you cannot install it, then good old SSH will be your best bet moving forward.

Some hosting providers also include access to CPanel, which depending on how it’s configured, might give you direct access to SSH terminal and phpMyAdmin. If you have access to both, choose the one you’re most comfortable using.

Once you have confirmed access to the MySQL database, refer to the WordPress activity log database documentation to learn which tables you need to access.

What you’re going to look for here is the list of events between your last successful login and the start of the login issues. Mainly, you’re going to want to pay special attention to the following events –

Changes in your password

Your password might have changed since you last logged in either by yourself or by someone who gained unauthorized access to your user account. Either way, a password change will show in the logs under your username.

With WP Activity Log being the most comprehensive WordPress activity log on the market, there are quite a few event IDs you can look out for. These can help you trace what happened in a lot of detail, which in turn will aid you in finding a quick resolution:

1010 – The user requested a password reset
4003 – The user changed their password
4004 – The user change the password of another user
4029 – A password reset request was sent to a user

The good news is that you can reset the password for your WordPress account by accessing the relevant MySQL database table. User accounts reside in the wp_users table. Once you locate the database entry for your user account, click on Edit and define a new password in the relevant field. It’s imperative to set the Function as MD5.

Changes in plugins

Some plugins might inadvertently cause an issue with the login process. Potential culprits may include plugins that have either been installed or updated since your last successful login.

If you haven’t made many changes, the troubleshooting process should be fairly straightforward. However, if you haven’t been keeping tabs on who installed what and which plugin updates were recently installed the process might very well turn into a forensic investigation.

Luckily, WP Activity Log keeps track of a number of plugin changes that can help you quickly narrow down events without resorting to guesswork. Keep an eye out for the following events:

5000 – A plugin was installed
5001 – A plugin was activated
5002 – A plugin was deactivated
5003 – A plugin was uninstalled
5004 – A plugin was updated

These events barely scratch the surface of what WP Activity Log keeps a record of, but it gives you a good starting point. To ensure your troubleshooting is as thorough as possible, refer to the full list of WP Activity Log event IDs.

Consider disabling the plugin if you notice plugin activity between your last successful login and when the logging issue started.

To manually disable a WordPress plugin, you’ll need to access your WordPress directory and head to /wp-content/plugins. Here, you will need to locate the folder of the plugin in question and rename it. Once you rename it, WordPress will lose the path to the directory and not load it. It’s not the cleanest of ways to disable the plugin, but it is the recommended route to take in situations where you cannot log in.

Changes in themes

Like plugins, themes can cause issues with the login process. If you note that a theme has been installed or updated, consider disabling it. We can achieve this the same way we disable plugins – by renaming the folder. You’ll find themes in the wp-content/themes directory.

WP Activity Log also keeps an extensive log of theme related activities, helping you troubleshoot any problems that may arise from theme changes. While the scope of theme activities that the plugin is able to record is quite vast, you’ll want to look out for the following events in particular:

5005 – A theme was installed
5006 – A theme was activated
5007 – A theme was deleted

It’s important to note that WordPress will load the default theme when it does not find the active theme. Do keep in mind that this might break a thing or two on your website, so be sure to remember to revert to your original theme once you complete troubleshooting.

Other issues to look out for

Some other potential issues can stop you from logging in to your WordPress, including corruption of files such as wp-login.php and wp-config.php that will manifest in different ways. If you have the WordPress File Changes Monitor plugin installed, it’s going to be easy to find out which files have changed. You can even access the MySQL table for this plugin by following the same directions as provided for the WP Activity Log plugin earlier.

Posted inWordPress Management
Joel Farrugia
Joel Barbara

Joel is our technical writer responsible for writing the different kinds of content we need. With a background in tech and content, he has a passion for making technology accessible and understandable for everyone. You can reach Joel at joel@melapress.com.

Leave a Reply

Your email address will not be published. Required fields are marked *

Stay in the loop

Subscribe to the Melapress newsletter and receive curated WordPress management and security tips and content.

Newsletter icon

It’s free and you can unsubscribe whenever you want. Check our blog for a taste.

Envelope icon