Title: [HELP]wp-login.php?redirect_to= Last modified: August 18, 2016 --- # [HELP]wp-login.php?redirect_to= * Anonymous * [21 years, 7 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/) * Howdy — Somthing odds, going on with my login precessing here’ the URL that shows up when enter a wrong username/password? /wp-login.php?redirect_to=%2Fgatheringplace% 2Fwp-admin%2F The other is the password being sent when I request isn’t working either? Any ideas? TIA, david Viewing 15 replies - 1 through 15 (of 21 total) 1 [2](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/page/2/?output_format=md) [→](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/page/2/?output_format=md) * [Mark (podz)](https://wordpress.org/support/users/podz/) * (@podz) * [21 years, 7 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/#post-109005) * Try changing the site_url and home values with phpmyadmin: [http://www.tamba2.org.uk/wordpress/site-url/](http://www.tamba2.org.uk/wordpress/site-url/) If the password is base64 encoded: [http://blogged.btvillarin.com/2004/11/10/solving-garbled-text/](http://blogged.btvillarin.com/2004/11/10/solving-garbled-text/) To change your password: [http://www.tamba2.org.uk/wordpress/phpmyadmin](http://www.tamba2.org.uk/wordpress/phpmyadmin) * Thread Starter Anonymous * [21 years, 6 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/#post-109087) * Hi That is infact a rather nasty security bug in WP which lets un-authorized users screw up your site. Most security scanners are aware of this. That’s how I found out about it. I won’t say in public forum how to exploit it, but if WP development is unaware of this, they can contact me for details at [far2fish@gmail.com](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/far2fish@gmail.com?output_format=md), as I think this issue should be closed as soon as possible. Anyway, if you have been hit with this issue, what I’ve found to be a solution is this: 1. Go to / wp-login.php (don’t hit the login link on your site) 2. Enter your login details 3. Go to options 4. Click on Update Options 5. Your site should be fine * [emsdc](https://wordpress.org/support/users/emsdc/) * (@emsdc) * [21 years, 6 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/#post-109158) * Is this problem being addressed by WP? * [Mark (podz)](https://wordpress.org/support/users/podz/) * (@podz) * [21 years, 6 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/#post-109159) * Yes. The devs are aware and working. * Thread Starter Anonymous * [21 years, 6 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/#post-109184) * I had the same failed redirect problem (wp-login.php?redirect_to=%2Fwp-admin% 2F) after upgrading to version 1.2. Took me a while to find the fix…ultimately all it took was deleting the WP cookie in Internet Explorer. * Thread Starter Anonymous * [21 years, 6 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/#post-109187) * 1. Go to /wp-login.php (don’t hit the login link on your site) 2. Enter your login details 3. Go to options 4. Click on Update Options 5. Your site should be fine Can someone elaborate on this. I’ve tried everything and I’m still redirected back to my login page as a result of this vulnerability. I need a fix now. I can’t login to wp-admin. I’ve deleted all cookies etc. Reset the admin passwd using phpMyAdmin. Nothing worked. Even if I type my wp-login.php URL in direclty I still get redirected to back to the login page. Where does the redirect URL setting exist? Couldn’t it be changed in the php file directly? * Thread Starter Anonymous * [21 years, 6 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/#post-109188) * Having the same problem with being redirected back to the login page.. I’ve been searching these forums and tried all sorts of suggestions regarding the white space etc.. (have never gotten any error messages but figured it couldn’t hurt) and still can’t get it to stop redirecting. Help! * [idban](https://wordpress.org/support/users/idban/) * (@idban) * [21 years, 5 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/#post-109191) * i do meet this problem when upgrading to 1.2.2 this is what i did to fix it * Open wp-login.php * find COOKIEHASH * rename/replace to $cookiehash besure to rename all of them * [griffhome](https://wordpress.org/support/users/griffhome/) * (@griffhome) * [21 years, 5 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/#post-109192) * Ok. I have tried the $cookiehash fix and still am not able to login normaly. I can login, see an error page which says, “sorry, no post match your criteria.” I then link to an existing post and click the “edit this” link…. Has anyone found other fixes? Thanks… * [idban](https://wordpress.org/support/users/idban/) * (@idban) * [21 years, 5 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/#post-109193) * try clear your old cookies. then login again. it work for me * [griffhome](https://wordpress.org/support/users/griffhome/) * (@griffhome) * [21 years, 5 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/#post-109195) * It looks like this is a .htaccess issue. I have posted at this location for further insight: [http://wordpress.org/support/3/14271#post-109404](http://wordpress.org/support/3/14271#post-109404) * [lingster](https://wordpress.org/support/users/lingster/) * (@lingster) * [21 years, 4 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/#post-109218) * This one got me yesterday – took me five hours to figure out that someone had changed the SITEURL value in the db. I’m not sure how it was done, but any help preventing a recurrence would be welcome. * Moderator [James Huff](https://wordpress.org/support/users/macmanx/) * (@macmanx) * [21 years, 4 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/#post-109219) * To prevent the reoccurrence, upgrade to WP v1.2.2 or the latest Nightly Build. * [t1dude](https://wordpress.org/support/users/t1dude/) * (@t1dude) * [21 years, 2 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/#post-109243) * I just installed WP 1.5 and I am being redirected to the login page after a successful login. If I purposely enter an incorrect password, the login page displayes a message indication as such. If I enter the correct password, i just get redirected to the login page with the following query string in the URL: [http://www.dudedesign.com/blog/wp-login.php?redirect_to=%2Fblog%2Fwp-admin%2Findex.php](http://www.dudedesign.com/blog/wp-login.php?redirect_to=%2Fblog%2Fwp-admin%2Findex.php) * could it be that the webserver is converting the slashes to “%2F”? I tried to change them in the URL and then submit and it still redirects me to the login page. I also clicked the “forgot passoword” link and went through that process to get a new password and still no luck. if antone has any suggestions on how to fix this, I’d really appreciate it. the product looks great, I’d love to be able to try it. * thanks, dude * [t1dude](https://wordpress.org/support/users/t1dude/) * (@t1dude) * [21 years, 2 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/#post-109244) * btw… problem persists with both IE and FF. Viewing 15 replies - 1 through 15 (of 21 total) 1 [2](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/page/2/?output_format=md) [→](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/page/2/?output_format=md) The topic ‘[HELP]wp-login.php?redirect_to=’ is closed to new replies. * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 21 replies * 13 participants * Last reply from: [pkonink](https://wordpress.org/support/users/pkonink/) * Last activity: [19 years, 5 months ago](https://wordpress.org/support/topic/helpwp-loginphpredirect_to/page/2/#post-109313) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics