There is nothing more annoying than to find that a site got hacked and that these hackers deleted some important things that make your site works. I’ve ran across several websites where hackers, just to ruin my day, deleted permissions from WordPress. Because of this, every time you try to log into the back-end, you get a cool little message that says:
You do not have sufficient permissions to access this page.
This message displays despite the fact that the user name in question is an administrator. The problem is that the administrator role got deleted. Well it’s happened enough times that I wanted to save the code I used to fix it, so without further ado, here is the code to add to your functions file if this happens to you.
if ( !get_role( 'administrator' ) ) {
$result = add_role(
'administrator',
__( 'administrator' ),
array(
'activate_plugins' => true,
'delete_others_pages' => true,
'delete_others_posts' => true,
'delete_pages' => true,
'delete_posts' => true,
'delete_private_pages' => true,
'delete_private_posts' => true,
'delete_published_pages' => true,
'delete_published_posts' => true,
'edit_dashboard' => true,
'edit_others_pages' => true,
'edit_others_posts' => true,
'edit_pages' => true,
'edit_posts' => true,
'edit_private_pages' => true,
'edit_private_posts' => true,
'edit_published_pages' => true,
'edit_published_posts' => true,
'edit_theme_options' => true,
'export' => true,
'import' => true,
'list_users' => true,
'manage_categories' => true,
'manage_links' => true,
'manage_options' => true,
'moderate_comments' => true,
'promote_users' => true,
'publish_pages' => true,
'publish_posts' => true,
'read_private_pages' => true,
'read_private_posts' => true,
'read' => true,
'remove_users' => true,
'switch_themes' => true,
'upload_files' => true,
'update_core' => true,
'update_plugins' => true,
'update_themes' => true,
'install_plugins' => true,
'install_themes' => true,
'delete_themes' => true,
'delete_plugins' => true,
'edit_plugins' => true,
'edit_themes' => true,
'edit_files' => true,
'edit_users' => true,
'create_users' => true,
'delete_users' => true,
'unfiltered_html' => true,
)
);
}
All this code does is recreate a the default administrator role in WordPress. Keep in mind that when this happened to me, all of the roles were deleted. However, I only needed the administrator. If you need to add the other default roles, simply copy the script, and replace “administrator” with the role you are trying to add. Then remove permissions accordingly. The default permissions for each role is listed here https://codex.wordpress.org/Roles_and_Capabilities.