Several days ago I’ve experienced an unpleasant situation where I was locked out of my WordPress admin page due to a bug / misconfiguration in Google Captcha (reCAPTCHA) by BestWebSof. Each time I tried to login I was denied, regardless of the captcha being marked:
Pretty nasty situation, considering that I’m locked out of the admin panel, where all plugin-related operation are performed. After a little research I realized that it can be done directly from WP mySQL DB, as long as you have access to it. Luckily, I was running WP on EC2 instance in my AWS so I had full privileges to access mySQL DB.
How to disable WordPress Plugin manually
The following procedure was performed to temporary disable BestWebSof Google Captcha plugin. Bear in mind that it is eligible for all other plugins preventing access to the admin panel or alternatively, cannot be disabled via the admin panel.
- Connect to the DB hosting WordPress – Usually mySQL DB. You can use whatever GUI to access to your database back end (MySQL). For my case, I used mySQL CLI directly from my web hosting server. The plugin configuration is stored in a table called wp_options.
- Now, lets look for active plugins with the following sql statement:
SELECT option_name FROM `wp_options` WHERE option_name = 'active_plugins'
- The result should be in the following form:
a:12:{i:0;s:59:"black-studio-tinymce-widget/black-studio-tinymce-widget.php";i:1;s:23:"cw-google-analytics.php"; i:2;s:32:"disqus-comment-system/disqus.php";i:3;s:50:"google-analytics-for-wordpress/googleanalytics.php";i:4; s:33:"google-captcha/google-captcha.php";i:5;s:36:"google-sitemap-generator/sitemap.php"; i:6;s:37:"meta-tag-manager/meta-tag-manager.php";i:7;s:37:"nivo-slider-lite/nivo-slider-lite.php"; i:8;s:29:"pirate-forms/pirate-forms.php";i:9;s:39:"simple-author-box/simple-author-box.php"; i:10;s:27:"updraftplus/updraftplus.php";i:11;s:23:"wordfence/wordfence.php";}
Where a represent the number of active plugins and each i the id of the plugin. As you see, I have had 12 plugin enables in system. But what I would like to do now is to disable google-captcha. To do so, I need to change the value a:12: to a:11:. Means that only 11 plugin will be enabled. Then remove
i:4;s:33:"google-captcha/google-captcha.php"
Hence, this whole string should be deleted, all other consecutive i indexes should be updated respectively.
- Please backup your database and/or your files/folders before making any change. This can solve to restore back the website in case of any problem happen unexpected.
- This is the final UPDATE query that was used:
UPDATE wp_options SET option_value="a:11:{i:0;s:59:\"black-studio-tinymce-widget/black-studio-tinymce-widget.php\"; i:1;s:23:\"cw-google-analytics.php\";i:2;s:32:\"disqus-comment-system/disqus.php\"; i:3;s:50:\"google-analytics-for-wordpress/googleanalytics.php\";i:4;s:36:\"google-sitemap-generator/sitemap.php\"; i:5;s:37:\"meta-tag-manager/meta-tag-manager.php\";i:6;s:37:\"nivo-slider-lite/nivo-slider-lite.php\"; i:7;s:29:\"pirate-forms/pirate-forms.php\";i:8;s:39:\"simple-author-box/simple-author-box.php\"; i:9;s:27:\"updraftplus/updraftplus.php\";i:10;s:23:\"wordfence/wordfence.php\";}" WHERE option_name = 'active_plugins';
Once the query is submitted, you’ll be able to log in to the admin console without reCAPTCHA validation. Now that you have access to the console, you can go to the plugin section and delete / edit the faulty plugin.