Softaculous shows "Unauthorized Access" when trying to log in to WordPress

If you are attempting to access your WordPress admin dashboard through the Softaculous Apps Installer in cPanel and encounter an "Unauthorized Access" error, it typically indicates a session mismatch or a synchronisation issue between your hosting account and the WordPress installation.

Common Causes

This error usually stems from one of the following:

• Expired Sessions: Your hosting control panel session has timed out.

• Browser Cookies: Corrupted or outdated cookies are interfering with the "Sign On" handshake.

• Path Mismatch: The WordPress installation was moved manually, but Softaculous is still looking for it in the old directory.

• Security Plugins: High-security settings or firewall plugins (like Wordfence or Sucuri) may be blocking the automated login script used by Softaculous.

Troubleshooting Steps

1. Refresh Your Hosting Session

The most frequent cause is a "stale" session.

• Log out of your hosting control panel (cPanel, DirectAdmin, etc.).

• Log back in and navigate to Softaculous immediately.

• Try clicking the Admin (person icon) link again.

2. Clear Browser Cache and Cookies

Sometimes your browser holds onto an old security token that WordPress rejects.

• Clear your browser's cache and cookies for the last hour.

• Alternatively, try accessing the dashboard using an Incognito/Private window. If this works, the issue is definitely browser-cache related.

3. Re-Sync the Installation

If you moved your site recently, Softaculous may have the wrong data.

1. Open Softaculous and click the All Installations (box icon) in the top right.

2. Locate your WordPress site.

3. If it isn't listed, use the Import tab to let Softaculous "find" the installation again.

4. If it is listed, click the Edit (pencil icon) and ensure the Installation Directory and URL are 100% correct.

4. Check for Security Plugin Interference

If you use a security plugin, it may view the Softaculous auto-login as a "bot" attack.

• Log in to WordPress directly via yourdomain.com/wp-admin using your standard username and password.

• Temporarily disable any security plugins.

• Attempt the Softaculous login again to see if the error persists.

• Check your .htaccess file for any issues

Technical Workaround

If you cannot resolve the error within Softaculous, you can always bypass it:

1. Reset your WordPress admin password via the "Lost your password?" link on your site's login page.

2. Log in directly at https://yourdomain.com/wp-login.php.

Note: Softaculous "Single Sign-On" (SSO) is a convenience feature. Even if it fails, your website data remains safe and accessible through the standard WordPress login page.