Locked Out by WPS Hide Login? How to Regain Access to Your WordPress Site

If you've installed the WPS Hide Login plugin and suddenly find yourself staring at a 404 error page instead of your login screen, you're not alone. This is a common issue reported by users. This guide will explain why it happens and walk you through the most reliable methods to regain access to your WordPress site.

Why Does This Lockout Happen?

Based on community reports, being locked out with a 404 error after using WPS Hide Login can occur for several reasons:

• Plugin or Core Conflicts: A subsequent update to WordPress core or another plugin can sometimes interfere with WPS Hide Login's functionality.
• Permalink Issues: The plugin relies on WordPress's rewrite rules. If these rules are flushed or become corrupted, the custom login URL may no longer be recognized.
• Caching: Heavy caching at the server, plugin, or CDN level might serve an old version of the site that doesn't recognize the new login URL.
• Incompatible Themes: A theme with errors or outdated code can sometimes cause conflicts that break the login process.

How to Regain Access to Your WordPress Site

You cannot access the plugin's settings from the WordPress dashboard because you are locked out. Therefore, you must use one of the following external methods.

Method 1: Delete the Plugin via FTP/SFTP or File Manager (Most Common Solution)

This is the most frequently cited and effective solution from the community. Deleting the plugin will immediately deactivate it and restore the default /wp-admin and /wp-login.php URLs.

1. Access your site's files: Connect to your website using an FTP client (like FileZilla) or use the File Manager tool in your hosting provider's control panel (e.g., cPanel).
2. Navigate to the plugins folder: Go to /wp-content/plugins/.
3. Locate and delete the plugin folder: Find the folder named wps-hide-login.
4. Delete it: Right-click the folder and select "Delete" or simply drag it to your local trash. Your site should be immediately accessible again at the standard /wp-admin URL.

Method 2: Try the Default Fallback URL

Before deleting the plugin, it's worth trying the default URL that WPS Hide Login uses. By default, this is /login. Simply go to yoursite.com/login to see if it works. If you or another admin changed this default, you will need to use Method 1.

Method 3: For Advanced Users - Database Query

If you have access to your database via phpMyAdmin (often found in your hosting control panel), you can manually clear the plugin's setting. This is a more advanced method.

1. Open phpMyAdmin and select your WordPress database.
2. Find the wp_options table (the prefix may be different if you changed it).
3. Search the option_name column for the entry whl_page.
4. Delete that row from the table. This will reset the plugin's custom URL.

Warning: Directly editing the database can break your site if done incorrectly. Always create a full backup first.

Important Security Note

Some users have reported that simply hiding the login URL is not a foolproof security measure. As one user noted, an admin account was created on their site even with WPS Hide Login and a limit login plugin active. For robust security, consider additional measures like:

• Using a strong, unique password.
• Implementing two-factor authentication (2FA).
• Installing a comprehensive security plugin.
• Protecting your XML-RPC file or disabling it with a dedicated plugin if you don't use it.
• Setting up a web application firewall (WAF).

Once you regain access, you can choose to reinstall the WPS Hide Login plugin and reconfigure it, or explore alternative security plugins to protect your login area.