I was given a PHP project based on a WordPress site. The thing is, I can't access the wp-admin panel. I saw a lot of questions about that on StackOverflow, but I couldn't find an answer to mine.
Login to WordPress is done through wp-config.php with the MySQL settings (I can see it because when I put wrong credentials I cannot access to the project's internal pages).
I was told I can access to the wp-admin panel by adding wp-admin
to the URL. There is no wp-login.php
file as it is an automatic login.
Actually when I put in my URL http://localhost:9999/html/pages/wp-admin
(which is the location of my folder wp-admin), I just get the list of subfolders.
I connect well with an administrator account (in the database it is written wp_capabilities | a:1:{s:13:"administrator";b:1;}
) however when I test with the current_user_can('administrator')
function, I am not considered as admin.
Can you help me by directing me to where to look?
/wp-admin
feature. wordfence.com/learn/… let me know if this works. I know that this is a local project, but I'm gonna give you the advice anyways. You should really hide the directory from be visible in the browser. This can be done in the.htaccess
file by addingOptions -Indexes
to the file. Else this could be valuable information for hackers to try and locate vulnerable plug-ins etc. – Martin