We have so far resolved literally hundreds of cases where people were not able to login to their Joomla websites. Since our aim is to always make the life of a Joomla administrator as easy as possible, we have decided to list the top 10 reasons that result in the inability for one to login to a Joomla website, as well as the solution to each one of them. Without further delay, here they are:
- The user is trying to login with a wrong password
Yes – we know it’s very obvious, but sometimes even the most obvious things are not that obvious, especially when one mistakes a zero (0) with an o (the letter o), an l (lowercase L) with an I, thinks that the question mark at the end of the password is just a typo (this happened to us!), or confuses a dash (-) with an underscore (_).
Of course, in many cases, the user is entering the password that he used to use all the time, except that that password has changed – probably by someone else or by a script.
Remedy: There are multiple remedies to this solution. If one has FTP access, then he can just create a script containing and UPDATE query that will reset the user’s password. If one is blessed with a phpMyAdmin access, then all he needs to do is to login to phpMyAdmin, go the #__users table, and change the password field for the affected user with the password of his choice (note that he must choose MD5 as a Function for the password to work).
-
The account for that particular user is blocked
Any user (even a super administrator) can be blocked from Joomla’s backend – additionally, a user can be blocked if he had too many failed login attempts. Once that user is blocked, he won’t be able to login (even if the password is correct).
Remedy: Any user can be unblocked by logging in to phpMyAdmin, going to the #__users table, and then setting the block field for the affected user to 0 (instead of 1).
-
There is a JavaScript error on the login page
Joomla needs JavaScript to login users to the backend – as such, a JavaScript error on your login page can corrupt the login routine (so, when users click on the Log in button, nothing will happen).
Remedy: Check your browser’s error console for any JavaScript errors if you’re pressing the Log in button and nothing is happening. If you’re not a programmer, then we suggest you let a programmer handle this for you: JavaScript errors are super hard to debug and fixing a JS error can break something else.
-
The Joomla backend login module does not exist
When this happens, not only the person won’t be able to login to Joomla – he just won’t be able to see the login form. We have discussed this issue in detail here.
Remedy: We suggest that you read the above post for the complete solution; in short, what you need to do is to restore the mod_login folder under administrator/modules directory.
-
There is a fatal error on your website
When this happens – you either see a completely blank page or a descriptive error, depending on your error reporting settings. Fatal errors are usually caused by an error in a 3rd party system plugin or by a recent modification to your Joomla’s core.
Remedy: The cause of this fatal error varies from one case to another, and, as such, we can’t give a generic solution to this one. If you’re a programmer, you can enable error reporting (if it’s not already enabled) to see what the actual error is and to fix it. If you’re not a programmer, then your best bet would be to call some Joomla experts (like us!). Note: We have written about this exact scenario before.
-
The admin template does not exist or Joomla doesn’t have enough permissions to read it
We have seen this case a few times and we have written about it. When the administrator template doesn’t exist, then the login form will be completely blank (similarly to the previous point) and as such, the Joomla administrator won’t be able to login.
Remedy: Reset the permissions (recursively) on the admin template to 444 to allow Joomla to read it, or, if the admin template was completely deleted, then re-upload it from scratch or fallback to the default one. (By the way, we’re surprised that Joomla doesn’t fall back automatically in the backend to another template when that template can’t be read because this is what it does on the frontend.)
-
Joomla is unable to write to the logs directory
In order for Joomla to complete a successful login, it must have write access to the logs directory located under the root directory of the website. If it doesn’t, then the login fails and no error is displayed – which is very, very confusing!
Remedy: The problem can be solved by changing the permissions of the logs directory under the Joomla website’s root to 777. (This can be done in any FTP client).
-
The Joomla Authentication plugin is disabled
99.99% of Joomla websites use the Joomla Authentication plugin for logging in users through the backend. The remaining 0.01% use other authentication plugins, such as ldap and gmail. For the 99.99% of Joomla websites, if the Joomla Authentication plugin is disabled, then people will be redirected back to the login page (with no error) when they try to login.
Remedy: This issue can be addressed by logging in to phpMyAdmin, going to the #__extensions table, and then setting the enabled field of the plg_joomla_authentication plugin to 1.
Note: When this problem happens, and if other authentications methods (such as ldap) are enabled, then the login process will take a while before redirecting back to the login page (this is because Joomla will be checking the ldap directory, which usually takes some time).
-
The Joomla User plugin is disabled
The Joomla User plugin is responsible for handling all user activity in Joomla. If that plugin is disabled, then even if the login is successful, then Joomla will redirect back to the login page without showing any errors as it doesn’t know what to do with the logged in user (makes sense?). This problem is extremely nasty because it’s very hard to debug – even for seasoned Joomla developers.
Remedy: This issue can be resolved by logging in to phpMyAdmin, going to the table #__extensions, and setting the enabled value of the plg_user_joomla row to 1.
-
Joomla’s ACL is messed up
We saved the best (or is it the worst?) for last! A messed up ACL can potentially completely block any login attempts to your Joomla website. Not only that, it can wreak havoc on the frontend of your website as well. There are many signs that you have a messed up ACL, one of them is being able to login, but seeing a completely empty top menu in your backend. So you can login, but you just can’t do anything!
Remedy: Consult with a Joomla expert. Joomla’s ACL is pretty delicate so do not attempt to fix this problem by yourself or else you might risk breaking other areas on your website.
We hope that you find the above guide comprehensive, and, more importantly, we hope that it helped you solve your problem. If it didn’t, then probably the next step would be to contact us. We guarantee you that we’ll fix the problem as fast as we can and at a very affordable cost!
[…] Lists), and that’s the heart of the problem. As we have mentioned before (see point #10 in this post), a messed up ACL can cause login issues. So, in short, if you’re having the same problem, […]
Hi. I can not login to the back end and the site is down. When I try to connect to the backend i get the:
“Forbidden: You don’t have permission to access /administrator/ on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.” error.
The site gives the following error: “Fatal error: Class ‘K2Model’ not found in /home/airsofts/public_html/plugins/system/k2/k2.php on line 411”. I changed the administrator permission in the backend and screwed this up and I do not know how to fix it be. I already tried the above steps and I do not have those issues (all enabled fields are set to 1).
Can you please help? Thank you.
Hi Claude,
For the administrator issue, it might that you’re using Admin Tools, or another firewall, that blocks direct access to the administrator folder (which means that the link to the administrator will contain a hash for it to work).
As for the error you’re seeing on your website, try disabling the K2 plugin from the database and see if that helps.
Hi guys,
I’ve found another error. The variable $cookie_domain must match the site URL or must be empty! I couldn’t login to the admin and site login, because I was on the “wrong” domain (I’ve 2 domains with different top level domains…)
Maybe a hint for another person!
Cheers!
This saved my night. Issue was the Joomla User Plugin not enabled. I thank you sooo much.
Here’s one not on your list. Also, I’ve administered many Joomla sites and have never seen this happen before.
“You cannot access the private section of this site.”
“Please login first.”
So I login, but it returns the same page over and over, never logging me in.
The ONLY cure I have found for this is deleting the site’s cookies. This is a recurrent issue requiring regularly clearing out all site cookies.
Not a great scenario for site visitors.
It is possible that this could have something to do with a “Public” menu I created that doesn’t display for logged in users (using the Guest user feature) but it shouldn’t, since the pages I’m trying to access are set to registered only access.
Once this happens, even returning to the home page (which will load the above mentioned menu) doesn’t work.
Delete all cookies and everything is fine again for a while until it happens again, which can happen almost daily for me.
Sorry I should have mentioned this ONLY affects the front end, not the admin panels.
Thanks a lot Stefan!!! The $cookie_domain variable made this login problem for me after I installed a test site. Just leave it empty.
My winginx server is working but when when i type “http://localhost/demo/joomla/administrator/” in url, it is showing webpage not available. I didnt change any setting or foldername and suddenly it stopped working. What may be the problem?
Hi Surya,
A few questions so that we can better help:
– Is the frontend of the website working?
– If you go to http://localhost/demo/joomla/administrator/index.php will it work?
– If you create a php file under the “administrator” folder and then browse to it will it work?
Hi,
Good to know as well, I wasn’t able to connect on my backend, nothing happened when I tried to log in, just a kind of refresh.
And then I remembered that I tried to change the Cookies settings. My problem was coming from cookies settings. I hope this helps others who tried to do the same.
Cheers.
Hi, I have the correct password and login. However, when I login to the system, I get the error
You don’t have permission to access /administrator/index.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
what could be the issue?
This might be related to some wrong settings in your .htaccess file. Possibly related to mod_security. Try using a fresh .htaccess file from a clean Joomla install and see if that fixes the problem.
Clearing my browser cookies did the trick!
Hi, I had problems logging in, and found out it was caused because I turned off the ability to save cookies…
My scenario was:
I can’t go inside the control panel of the administrator and all users are blocked on the front-end.
The only way to resolve this was to delete the name of the website in the cookie in the configuration file trough FTP (e.g. leave the value blank).
I tried all: Database, phpMyAdmin, change user, cleaning browser cache, change PC, recharge a backup of the folder administrator, and many many other.
Thanks
Nicola
I am running Joomla 1.5. I cannot get in, I tried changing the MD5 password but that didn’t work. I want to try what worked for you: “Delete the name of the website in the cookie in the configuration file” What line in configuration.php, should I edit?
Hi NP,
The cookie solution is only for Joomla 2.5 and up – you have Joomla 1.5 so that won’t work for you. Have you checked the $tmp_path and log_path variables and made sure that they point to the right locations and also made sure that Joomla can write to these locations?
I would add this one:
11. The site is protected by JSecure.
#9 saved my life, thank you!
I got this error in FPA report:
[10-Nov-2015 21:43:29 America/Denver] PHP Fatal error: Call to a member function get() on a non-object in /home2/mysite/public_html/components/com_users/models/login.php on line 62
this must be the problem, but what is wrong?
62 if ($return = $input->$method->get(‘return’, ”, ‘BASE64’))
{
$data[‘return’] = 66 base64_decode($return);
if (!JUri::isInternal($data[‘return’]))
{
$data[‘return’] = ”;
}
70 }
Hi,
I’ve experienced the problem of #8, however the login still doesn’t work (I enabled the correct (Joomla) plugin about 5 minutes ago, both Idap and gmail plugin were enabled but not anymore).
” When this problem happens, and if other authentications methods (such as ldap) are enabled, then the login process will take a while before redirecting back to the login page (this is because Joomla will be checking the ldap directory, which usually takes some time)”
How long does it usually take before I can log in again? A few minutes, hours or days?
Many thanks in advance!
Thank you! Worked for me, thought I’d lose the rest of my hair!
Hi Tintin,
It definitely shouldn’t take minutes! My guess is that there is something else to it. Please let us know here if the problem still persists (we’ll respond faster this time!).
Hi Chris,
Have you just updated your Joomla website? The issue you’re having looks like it’s caused by a botched Joomla update.
Hi, I don’t think my problem is any of the above, but I am not a programmer. I have been provided the username and password to login to a joomla site, but it keeps telling me that the username or password doesn’t match. The language on the error message is this:
Warning
Username and password do not match or you do not have an account yet.
The person providing the information swears that it is correct and works for her. Is there any issue that would prompt the system to tell me that it’s an incorrect password or invalid username when in fact it is correct? Sorry for the lack of detail. I feel like I am operating blind! Thanks so much!
Hi Alex,
If the other person is able to login then if you are copying the username or the password make sure that there are no trailing spaces anywhere.
Hi Fadi!
Thank you so much for your response. I had that same thought and so went a step further and typed the password instead of copying and pasting. I’ve tried every combination I can think of to no avail…
I have user_joomla enabled, Authentication enable, cookies is set properly in the config.php file, however I’m still getting the login loop. I’ve deleted browser cookies, and nothing is letting me in. I’m totally confused, because the site was working perfectly.
Hi Mark,
Check to see if you have non-core “user” plugins enabled. If you have, then disable them all. You will only need the “User – Joomla!” plugin enabled in the plugin type “user”.
Note: The “User Profile” and the “User – Contact Creator” core user plugins are not critical for normal Joomla websites, but they can be enabled (if needed) with no problem.
Came across another reason not to be able to log in as user of the front end…
“Public” users were being denied access to the log-in form resulting in a never ending cycle of login attempts which returned to the home page without further result.
Their “Site Login” permissions were being calculated as “Not Allowed (Default)”, whereas once I’d manually allowed access all was fine and dandy.
Hope this helps someone else retain a little more hair than I did trying to figure this out.
Hi Tim,
Thanks! But the real question is, why were their calculated permissions as “Not Allowed” all of a sudden (if, of course, this happened all of a sudden)?
I am glad that you were able to fix the problem, but I’m concerned that the issue that you resolved may be part of a bigger issue.
I would add a reason that prevented me for several days to login to the fronted of one of the Joomla 3.X websites I manage, while I was perfectly able to log in to the backend: an error in the php.ini file, where the megabytes of the ‘upload_max_filesize’ and ‘post_max_size’ were written as ‘MB’ i/o ‘M’.
The same mistake was also blocking the functioning of the contact module, no email was passed on. Upon correction, both functions returned immediately to the normality.
Hope this can help someone else, as it is unacceptable to be blocked for days considering this supposedly small error.
Regards, Franco
Hi Franco,
Thanks for sharing your experience. It is indeed very annoying when a missing character can cause some functionalities or even the whole website to stop working!
Hi, I just took over a website and the passwords didn’t work so i reset them via phpMyAdmin. Now I can login but a blank page appears with the following error:
Error 1054 Unknown column ‘a.client_id’ in ‘where clause’
Please help…
Hi Nathan,
The above error is caused by the issue that the field `client_id` is missing from your `#__menu_types` table. You should run the below query in phpMyAdmin (make sure you replace #__ with the value of $dbprefix which is defined in the configuration.php file):
ALTER TABLE `#__menu_types` ADD `client_id` TINYINT NULL DEFAULT '0';
Assuming user and password is absoluely correct, another reason log in does not work:
1) Cookies have been disabled in your browser. Check your browser cookie settings, allow cookies to be set by your joomla site
or
2) The session cookie is set but not on the domain root. In this case edit the configuration file,
find: public $cookie_domain = ”; and ensure is correct or remove anything in the ”to go to default setting.
Without a log in cookie being set then clicking on the log in button does nothing and you stay where you are! I would add this as one of the 11 reasons! I’ve had no end of users who block all cookies and then cannot login to anysite that sets login session cookies as joomla does.