June 18, 2020 – Tested with WP 5.4.2.
March 23, 2018 – Updated the default value for wp_user_roles from WP 4.9.4. Everything else in this post still applies.
Recently, a client came to us with a problem – they were suddenly unable to log in to their WordPress/WooCommerce site.
Even when logged in as Administrator, You do not have sufficient permissions to access this page error message was displayed and it was not possible to navigate to any page in wp-admin – even the account’s profile page. This symptom indicates that WP cannot find the roles and permissions of your account from the database – so it assumes you don’t have any permissions at all.
The most typical cause for this problem is the database prefix setting. In wp-config.php, it looks like this:
/** * WordPress Database Table prefix. * * You can have multiple installations in one database if you give each a unique * prefix. Only numbers, letters, and underscores please! */ $table_prefix = 'wp_';
Some developers change the DB prefix for various reasons (which I’ll not discuss in this post). When this is done during the installation process, it shouldn’t cause any problems. However, when migrating your site or changing the DB prefix after installation, there’s a chance to break something. This is because the field titled “Database Table Prefix” is actually not only for table prefixes, but also for some field prefixes. For example, each account’s capabilities (i.e. permissions) are stored in [$table_prefix]usermeta table on the row where meta_key is [$table_prefix]capabilities.
So if your table prefix is “ASD_” then that table row’s meta key is not ‘wp_capabilities’ but ‘ASD_capabilities’.
The same applies for quite a few other usermeta fields, options fields, etc.
However, in my case this was not the problem. I reviewed the db table fields and everything looked fine. So the next step in debugging the problem was disabling all plugins – the client had installed some suspicious plugins from CodeCanyon and I assumed they were causing this issue. But this didn’t give me any results either.
Next, I wanted to make sure that it actually is an issue with the database, so I wrote a simple function which filters all capability checks and returns true.
// This goes to your theme's functions.php
function codelight_all_permissions( $allcaps, $cap, $args ) {
$allcaps[$cap[0]] = true;
return $allcaps;
}
add_filter( 'user_has_cap', 'codelight_all_permissions', 0, 3 );
After adding this code to the theme, I was able to log in, which confirmed my suspicion that it was an issue with the database. A quick look in WP admin revealed that something had deleted all user roles and there was only one role remaining (which was called something like Wholesale Customer).
In order to restore the default roles, I re-added the default content to wp_options table, wp_user_roles option (this has not changed between WP v4.9.x and v5.4.x)
a:5:{s:13:"administrator";a:2:{s:4:"name";s:13:"Administrator";s:12:"capabilities";a:61:{s:13:"switch_themes";b:1;s:11:"edit_themes";b:1;s:16:"activate_plugins";b:1;s:12:"edit_plugins";b:1;s:10:"edit_users";b:1;s:10:"edit_files";b:1;s:14:"manage_options";b:1;s:17:"moderate_comments";b:1;s:17:"manage_categories";b:1;s:12:"manage_links";b:1;s:12:"upload_files";b:1;s:6:"import";b:1;s:15:"unfiltered_html";b:1;s:10:"edit_posts";b:1;s:17:"edit_others_posts";b:1;s:20:"edit_published_posts";b:1;s:13:"publish_posts";b:1;s:10:"edit_pages";b:1;s:4:"read";b:1;s:8:"level_10";b:1;s:7:"level_9";b:1;s:7:"level_8";b:1;s:7:"level_7";b:1;s:7:"level_6";b:1;s:7:"level_5";b:1;s:7:"level_4";b:1;s:7:"level_3";b:1;s:7:"level_2";b:1;s:7:"level_1";b:1;s:7:"level_0";b:1;s:17:"edit_others_pages";b:1;s:20:"edit_published_pages";b:1;s:13:"publish_pages";b:1;s:12:"delete_pages";b:1;s:19:"delete_others_pages";b:1;s:22:"delete_published_pages";b:1;s:12:"delete_posts";b:1;s:19:"delete_others_posts";b:1;s:22:"delete_published_posts";b:1;s:20:"delete_private_posts";b:1;s:18:"edit_private_posts";b:1;s:18:"read_private_posts";b:1;s:20:"delete_private_pages";b:1;s:18:"edit_private_pages";b:1;s:18:"read_private_pages";b:1;s:12:"delete_users";b:1;s:12:"create_users";b:1;s:17:"unfiltered_upload";b:1;s:14:"edit_dashboard";b:1;s:14:"update_plugins";b:1;s:14:"delete_plugins";b:1;s:15:"install_plugins";b:1;s:13:"update_themes";b:1;s:14:"install_themes";b:1;s:11:"update_core";b:1;s:10:"list_users";b:1;s:12:"remove_users";b:1;s:13:"promote_users";b:1;s:18:"edit_theme_options";b:1;s:13:"delete_themes";b:1;s:6:"export";b:1;}}s:6:"editor";a:2:{s:4:"name";s:6:"Editor";s:12:"capabilities";a:34:{s:17:"moderate_comments";b:1;s:17:"manage_categories";b:1;s:12:"manage_links";b:1;s:12:"upload_files";b:1;s:15:"unfiltered_html";b:1;s:10:"edit_posts";b:1;s:17:"edit_others_posts";b:1;s:20:"edit_published_posts";b:1;s:13:"publish_posts";b:1;s:10:"edit_pages";b:1;s:4:"read";b:1;s:7:"level_7";b:1;s:7:"level_6";b:1;s:7:"level_5";b:1;s:7:"level_4";b:1;s:7:"level_3";b:1;s:7:"level_2";b:1;s:7:"level_1";b:1;s:7:"level_0";b:1;s:17:"edit_others_pages";b:1;s:20:"edit_published_pages";b:1;s:13:"publish_pages";b:1;s:12:"delete_pages";b:1;s:19:"delete_others_pages";b:1;s:22:"delete_published_pages";b:1;s:12:"delete_posts";b:1;s:19:"delete_others_posts";b:1;s:22:"delete_published_posts";b:1;s:20:"delete_private_posts";b:1;s:18:"edit_private_posts";b:1;s:18:"read_private_posts";b:1;s:20:"delete_private_pages";b:1;s:18:"edit_private_pages";b:1;s:18:"read_private_pages";b:1;}}s:6:"author";a:2:{s:4:"name";s:6:"Author";s:12:"capabilities";a:10:{s:12:"upload_files";b:1;s:10:"edit_posts";b:1;s:20:"edit_published_posts";b:1;s:13:"publish_posts";b:1;s:4:"read";b:1;s:7:"level_2";b:1;s:7:"level_1";b:1;s:7:"level_0";b:1;s:12:"delete_posts";b:1;s:22:"delete_published_posts";b:1;}}s:11:"contributor";a:2:{s:4:"name";s:11:"Contributor";s:12:"capabilities";a:5:{s:10:"edit_posts";b:1;s:4:"read";b:1;s:7:"level_1";b:1;s:7:"level_0";b:1;s:12:"delete_posts";b:1;}}s:10:"subscriber";a:2:{s:4:"name";s:10:"Subscriber";s:12:"capabilities";a:2:{s:4:"read";b:1;s:7:"level_0";b:1;}}}
.. which fixed the issue.
In the end, I suspect one of the Codecanyon plugins deleted all WP roles, but I didn’t bother figuring out the exact reason – the plugins contained 5000+ lines of very similar code with minor variations so it was rather difficult to read and not worth the time.
45 Responses to “Analyzing “You do not have sufficient permissions to access this page” error in WP admin”
Rub
Thanks, your solution helped me restoring the default roles on user_roles option.
So one of the plugin I install and deleted made this problem?
Why someone make such a thing?
Lior
Thanks you, it worked!
Sean
Saved my butt. Thanks.
angel alfaro
thanks, for your work, i solved my problem
br
dragomir
Great. Helped me a lot.
Thanks.
Irish
Thanks a lot! I’ve been looking for fix when I thought its the plugin whew!
Gary Donovan
Thanks heaps.
Jeroen
You made my day!! After visiting many useluss forums this resolved my problem.
Jay
Awesome, finally it worked.. thanks a lot
ken
You’re the man bro! saves m tons of time for your code! very helpful!
Seun
Thanks for the post, but in my own case what worked for me was just to change the wpje_user_roles to wp_user_roles inside the wp_options table.
Samirah Mamode
YOU saved my hardwork of 6month.. God bless you!
Jerry
This helped me, albeit one minor work-around.
I reset the user roles, but I noticed my login user had a slightly different array for wp_capabilities.
Somehow, it had the value = a:1:{s:13:”administrator”;b:1;}
I changed the last two to “a:2” and it worked! Thanks!
Antonio Mª Martín
Muchas gracias. Para mí ha sido la solución. He aplicado las reglas por defecto que usted indica (mediante el método de copiar y pegar el código que usted proporciona en esta página web) y también sirven para WP 4.5.3
roie
Thank you very much! Searched for hours before coming to this post.
Cyber
You are the MAN! Thanks, this worked like a charm after hours of research.
Dee
You are AMAZING!!! I never comment on things (serial lurker), but I just had to write to THANK YOU SO MUCH for your help with this.
I was unable to access my /wp-admin dashboard (I could access all the other admin pages though) for like 6 months or longer and had no idea why.
I would search periodically for hours for solutions and then get tired of searching and give up, only to try again a few days or weeks later -but finally, thanks to you I can finally access everything.
THANK YOU! THANK YOU! THANK YOU!
ZeleRoman
Thanks, it helped a lot!
Muneeb
Hi
Thanks for the article, i was able to login by adding filter, but restoring capabilities and removing filter gives the same error…..what i understood, filter hook by-pass the permissions and allow user to login, correct?
Indrek Kõnnussaar
Yes, the filter basically bypasses all permissions checks, which means that the error is probably in your database. Perhaps try getting the wp_user_roles contents from a clean WP install that matches your WP version?
Abdul Alim
Thanks a tonne! This, and only this worked for me. You are incredible!
Al
Nicely done! Thanks for making me look very clever lol
JB
You’re the best, man. This solution fixed it
Valentin
Thank you sir, nice hack that restored the wpadmin area where I did “make order” in those evil plugins that caused the problem in first place (I also mention that renaming the plugin folders, all of them, did not solved the problem since the culprit was the database).
Have a great day ! Thanks a lot !
Manuel Herrera
Hi,
Dont work for me, still dont get wp-admin access
Indrek Kõnnussaar
Can you clarify what you did exactly?
Lerry
Adding the function to functions.php and changing “b:1” to “a:2” in user_capabilities fixed it all.
Thank you.
Timo
You saved my life ! Thank you sooooo much for this !
Danielius
You saved my ass, Indrek. Thanks! 🙂
(I logged in using the functions code you wrote, saw that everyhing is roleless, installed “role editor” plugin and reseted everything with it.)
Pablo
Indrek, The Master of the masters!
Amazing trick, it was like magic!
Thank you, you ended 4 days of search in forums and to attempts several solutions with no luck.
many thanks!! You rock! \m/ \m/ \m/
Sitezilla Webdesign
You are a true god! Thank you so much. I have been struggling with this for many hours. You’re solution made this work again. Our customer is able to login again. Instead of the wholesale role we only saw the wpseo_manager role.
Isaac
Thank you soo much my dude you saved my life.
Toku
Thanks Indrek Kõnnussaar!
I’ve been battling with this issue for 6 days!
God bless you man!
Tom van der wal
Thanks, even in 2018, this solved my problem and the code was still oke for me!
Hendrik-Jan
Thank you for your solution. The function worked perfect and so I could adjust the database in your way.
Thanks…
Shakira
This has resolved my issue, thank you 🙂
Megavado
You are the one. Saved my “life”
Thanks
Liana
You are genius! Thank you! I spent a week to try so many things, only your solution worked.
Robin
Contributing my experience: should you get this error just after switching from HTTP to HTTPS, then your hosting provider probably uses SSL offloading.
Add the following to your wp-config.php, but make sure that these lines are *above* the require of wp-settings.php:
if ($_SERVER[‘HTTP_X_FORWARDED_PROTO’] == ‘https’)
$_SERVER[‘HTTPS’]=’on’;
if (isset($_SERVER[‘HTTP_X_FORWARDED_HOST’])) {
$_SERVER[‘HTTP_HOST’] = $_SERVER[‘HTTP_X_FORWARDED_HOST’];
}
Carlos Martínez
Love you. Thanks so much!
Evandro
Thank you so much. I didn’t know what to do anymore!
Ricardo de Jesús Pelcastre Cervantes
Solve the problem as you indicated.
The question is, can the same problem happen again within the same code.
Thank you
Indrek Kõnnussaar
Yes.
Jamal
Worked for me
Ahmet Parıltı
thank you so much. that was what i was looking for