If you’re encountering a weird pop-up when you try to access yourwebsite.com/wp-admin, and your regular WordPress username/password doesn’t work, and clicking “Cancel” will result in an error “Unauthorized access”, then this article is for you.
This is actually a security feature implemented by the server/web hosting team, to block brute force attacks on your login page.
What’s a Brute Force attack?
Brute force attacks are automated scripts that try a variety of username/password combinations to try to access your WP back end, often starting with the username “admin”. This is why at Pixl we never ever use “admin” as the WordPress username. If your username is “admin”… you REALLY need to change that. Read more on the WordPress codex or watch the videos below:
So how do I access my site?
Chances are, your web hosting provider would have sent you an email beforehand explaining that they implemented this new security feature and “to access your site please use the provided username/password”. So just check your email.
Else, simply login to your web hosting support platform and send in a support ticket to request for help.
At point of writing I know that Serverfreak does this, but I’m not sure about other hosting providers.
Have any questions or anything to share? Hit the comments :)