Locked Out of WordPress? Here‘s How to Regain Access With FTP

Getting locked out of your WordPress admin dashboard is a scary feeling, especially if you‘re new to the platform. Whether you forgot your password, your site was hacked, or there‘s an error with a plugin or theme, it‘s a frustrating problem that happens to almost every WordPress user eventually.

Navi.

In fact, over 25% of WordPress users report getting locked out of their site at least once, according to a survey by WPBeginner. And Google searches for "locked out of WordPress" generate nearly 30,000 results per month globally. So if you find yourself in this situation, you‘re definitely not alone.

The good news is that in most cases, you can regain access to your WordPress site by manually adding a new admin user via FTP (File Transfer Protocol). As long as you have access to your WordPress site‘s files through your hosting account, you can get back into your dashboard in just a few steps.

I‘ve helped countless clients and readers get back into their sites this way, so I know how stressful it can feel. But don‘t panic! Just follow my step-by-step FTP tutorial below and you‘ll be back to managing your site in no time.

What You‘ll Need

To get started, you‘ll need the following:

  1. An FTP client installed on your computer. I recommend FileZilla since it‘s free and easy to use. Other good options are Transmit (Mac), Cyberduck, and WinSCP (Windows).

  2. Your WordPress site‘s FTP login credentials (hostname, username, and password). You can usually find these in your hosting account dashboard under "FTP Accounts" or in the welcome email you received when you first signed up. If you can‘t locate them, contact your hosting provider‘s support team for help.

  3. A code editor to modify WordPress files. Sublime Text and Atom are great free options, but the default text editor on your computer like Notepad (Windows) or TextEdit (Mac) will also work.

Step 1: Connect to Your WordPress Site via FTP

Open your FTP client, enter your FTP hostname, username, and password, then click the "Quickconnect" or "Connect" button.

Filezilla FTP connection

If you entered the credentials correctly, you should now see your WordPress site‘s files and folders on the right side of the screen (under "Remote site").

Step 2: Locate Your Theme‘s functions.php File

In the Remote site area, navigate to your active WordPress theme‘s folder by following this file path:

/public_html/wp-content/themes/your-theme-name/

Just replace "your-theme-name" with the actual name of your WordPress theme‘s directory. If you‘re not sure which theme you‘re currently using, look for the most recently modified theme folder inside wp-content/themes/.

WordPress theme folder via FTP

Once inside the theme folder, look for the functions.php file and double-click it to open it in your default text editor.

Editing functions.php via FTP

Step 3: Add Code to Create a New Admin User

Copy and paste the following code snippet at the very end of the functions.php file:

function wpb_new_admin_account() {
$new_admin_user = ‘newadmin‘;
$new_admin_pass = ‘password123‘;
$new_admin_email = ‘newadmin@yoursite.com‘;

if ( !username_exists( $new_admin_user )  && !email_exists( $new_admin_email ) ) {
    $user_id = wp_create_user( $new_admin_user, $new_admin_pass, $new_admin_email );
    $user = new WP_User( $user_id );
    $user->set_role( ‘administrator‘ );
}

}
add_action(‘init‘,‘wpb_new_admin_account‘);

Make sure to change the values for $new_admin_user, $new_admin_pass, and $new_admin_email to whatever username, password, and email you want to use for the new admin account.

For security, choose a strong password containing a mix of uppercase and lowercase letters, numbers, and symbols. Avoid using obvious words or phrases. I also recommend using an email address you have access to, just in case you need to recover the password in the future.

After updating the values, save your changes to the file but keep your text editor open for now.

Step 4: Upload the Modified File Back to Your Server

Return to your FTP client, find the functions.php file you just edited on the left side under "Local site", then right-click and select "Upload".

Upload modified file via FTP

You may see a prompt confirming if you want to overwrite the existing functions.php file on the server. Click "OK" or "Yes" to proceed.

Once the file transfer is complete, you can go ahead and close out of your text editor and FTP client.

Step 5: Log In With Your New Admin Account

Open your browser and go to your WordPress login page, which is usually located at yourdomain.com/wp-admin/.

Enter the username and password you chose in the code snippet, then click the "Log In" button.

WordPress admin login

If everything went smoothly, you should now see your familiar WordPress dashboard and have full admin access to manage your site again.

The first thing you should do is go to Settings > General and replace the email address associated with your original admin account. That way you can use the password reset function if you get locked out of that account again.

As an extra security precaution, I also recommend going back and deleting the new admin user code from your functions.php file so someone else can‘t exploit it to hack into your site. You can easily do this by repeating steps 2-4 above and just removing the code snippet before re-uploading the file.

Common Mistakes to Avoid

While manually editing functions.php to add a new admin user is a fairly straightforward process, there are some potential pitfalls to watch out for:

  • Syntax errors in the code snippet. A single misplaced character or typo can cause a syntax error that breaks your entire site. Always triple-check your code before uploading.
  • Not changing the default values. Never leave the default username, password and email values from the code example. That‘s just inviting hackers to waltz right into your site!
  • Editing the wrong functions.php file. If your FTP client is showing files from multiple sites, it‘s easy to get confused and edit a different site‘s functions.php by mistake. Always double-check the file path.
  • Uploading to the wrong directory. Similar to the previous point, make sure you‘re uploading the edited functions.php file to the correct theme directory for the site you‘re trying to fix.
  • Overwriting customizations. If your theme‘s functions.php file already contains custom code, be careful not to overwrite or delete it when adding the new admin user code. Consider using a child theme instead.

Tips to Prevent Future WordPress Lockouts

While knowing how to regain access to your WordPress site by editing files via FTP is an important skill, it‘s obviously better to avoid getting locked out in the first place. Here are some tips to help prevent that:

  • Use a password manager like LastPass or 1Password to create strong, unique passwords for your WordPress admin account and store them securely.
  • Enable two-factor authentication on your WordPress login using a plugin like Wordfence or iThemes Security.
  • Keep your WordPress core, themes, and plugins updated to ensure you have the latest security fixes. Consider setting up automatic updates or using a managed WordPress host that handles updates for you.
  • Regularly back up your WordPress site so you can quickly restore it if something goes wrong. Plugins like UpdraftPlus and BackupBuddy make this easy.
  • Implement a WordPress security plugin like Sucuri that includes a website firewall, malware scanning, and security hardening features.

If you do find yourself locked out of your site frequently or just want an easier way to manage and troubleshoot it, I highly recommend the free WPCode Plugin. It adds a user-friendly interface inside your WordPress dashboard for adding and managing code snippets, so you don‘t have to edit theme files directly via FTP anymore.

Plus, WPCode checks your code for errors before activating it and even maintains a backup of your original functions.php file. So if you accidentally break something, it‘s much easier to revert back without having to manually connect via FTP again.

Wrapping Up

I know firsthand how frustrating and scary it feels to be locked out of your WordPress site. But I hope this in-depth guide gives you the confidence to regain access all by yourself using FTP.

By following the steps and best practices outlined above, you‘ll be able to add a new WordPress admin user in no time and get back to business as usual. While I can‘t promise you‘ll never experience a lockout again, at least now you know you have the skills to fix it quickly.

For more tips on troubleshooting WordPress, keeping your site secure, and making the most of the platform, check out my other tutorials here on WPBeginner. And as always, feel free to reach out if you have any lingering questions!

Did you like this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

How to Use SMTP to Reliably Deliver WordPress Emails (Ultimate Guide)
Say Goodbye to the WordPress Welcome Panel: How to Clean Up Your Dashboard in 2024
14 Tested Ways to Recover WooCommerce Abandoned Cart Sales
The WordPress Site Owner‘s Guide to Preventing Content Theft (2023)
How to Easily Embed Instagram in WordPress (Step by Step)
Seeing the 401 Unauthorized Error in WordPress? Here Are 7 Proven Solutions
15 Most Popular Digital Products to Sell Online in 2024
How to Try WordPress for Free Without a Domain Name or Web Hosting (2024 Guide)