[wp-hackers] Strange limbo - /wp-admin turned non-functional without harcoded {SECURE_}AUTH_COOKIE

Leho Kraav leho at kraav.com
Mon Dec 3 19:40:39 UTC 2012

Hi all

Hoping to find some know-how here about a strange occurrence. During a 
debugging session which included a die() somewhere in or near 
plugins_loaded hook, a multisite /wp-admin managed to turn itself into a 
pretty solid wall-like "You do not have enough permissions to access 
this page" state. WP complains in WP_DEBUG that SECURE_AUTH_COOKIE is 
not defined during the request. Clearing the browser cache and history 
does not help, as a matter of fact /wp-admin/ is rendered non-functional 
for everyone registered.

Resetting authentication keys does not help.

Two things seem to work around this:

  * wp-config.php -> define( "AUTH_COOKIE", "somevalue" ), same for 
  * disable WPML SitePress plugin -> very difficult, since the site 
completely lives on it

I will be going through disabling all other plugins one by one when I 
can pick a spot for some downtime. But in the meanwhile I'd like to ask 
is perhaps there anything in the database I could clean out that's 
related to those cookie constants? Any theories what could be going 
wrong here re the cookies?

Been running tens of sites with the WPML configuration, never seen this 

More information about the wp-hackers mailing list