You are here
WilliamD - Tue, 2015/02/03 - 19:31
How do I know what this login is? The configuration process only asks me to set the password for the wordpress account, but not the "login". When I quit the configuration console, I am asked for my login, which I have no idea what it is. Help.
Forum:
Tags:
By the sounds of it...
By the sounds of it you are trying to log into the console!? FWIW all the login credentials for each appliance are documented on each appliance page. Although it's not specified, the SSH login is essentially a remote console login. E.g. on the WordPress appliance page it says:
It's because of the way that the permissions are set
But as WordPress has evolved, the 'user friendliness' cost imposed by the choice of security settings has risen. In some respects it could be argued what started as a security plus has actually become a security minus. Whilst the risk of a compromised WordPress install hijacking the whole server is reduced; the chance of an out-of-date WordPress install getting hacked in the first place is increased...
The new (not yet released v14.0) version of our WordPress appliance reworks the permissions to allow easy in place upgrades. It does come with the 'price-tag' or reduced overall server security but users will find it easier to keep WordPress up to date so the risk of WordPress being compromised are less (so long as the user actually applies the updates!).
But to get to the point, there is an extensive post covering how one might go about "fixing" the security settings of the current appliance (including a lively debate about the pros and cons). Have a look here. This post specifically covers the steps to take to enable browser based upgrades.
WordPress
Hello,
TurnKeyLinux's Wordpress looks extremely interesting and I've been looking forward to trying it for awhile. Today I installed the raspberry pi version on my pi 4, and it installed great, but I have a problem. It wants me to log into wordpress on my local system using the username 'admin', so I did so then entered the password (which I set for all of my services when I first set up the system) but it kept saying "Incorrect password." How can I find the correct password to log into the admin console?
Thank you!
I'm not sure why?
I'm not sure why? But it doesn't have a default password. It should be the password you set it to at firstboot.
Having said that, we have had a few users complain that they are having problems with particularly complex passwords. Punctuation/special characters seem to be the most likely to cause issues. So perhaps try again with a more simple password (upper case, lower case and numbers)- although you can make it secure by making it long. Alternatively once you can log into WordPres, you could change it then, in the WordPress UI. Try setting the password again interactively like this:
Alternatively, you can run it non interactively. Use the '-h' switch to double check the values required:
Can't login like Josh said
Found my way here after a search for a new install problem.
Can't login to /wp-login.php using the passwords I just set up.
Going to port 12321 on the root loads the turnkey page, which then takes root and my password, but then borks on loading session_login.cgi and I can never get back to the login again.
I'm installing it on Proxmox and accessing via it's IP, so in the setup I do say the web URL is the IP if that could be a problem.
It's a known issue with the latest (v18.1) release
The WordPress login problem is a known issue. A fix has already been applied to he build code, but an updated appliance has been yet to be built & released. I hope to release that ASAP.
In the meantime, you could apply the fix yourself. I.e. edit the file /usr/lib/inithooks/bin/wordpress.py. Make the changes noted there - edit the lines noted in red with a '-' prefix so they look like the lines in green that have a '+'. Then rerun the firstboot script:
Also FWIW using an IP as the "domain" should be fine, but note that you will need to update the domain if/when you use an actual domain. Re running that firstboot script will do that for you - although that will only work if you haven't manually changed the domain.
As to your Webmin issue, that is a new one. Although my first guess is that fail2ban is kicking in and blocking access. That should only be triggered after 3 failed logins, but If I'm correct, it sounds like it's triggering after only one. If that is the issue it should reset after 10 minutes.
To check that, try stopping the fail2ban service and restating Webmin via a terminal session:
If that doesn't help, first try checking that Webmin is running ok, again form a terminal:
The line starting "Active:" should say "active (running)".
Regardless, try checking the journal for webmin logs. First recreate the issue (i.e. try to log in again), then again from a terminal, run this:
Please share that, as well as any further info you may have.
Add new comment