WordPress common issues and solutions : Direct Solutions to the Top 5 Critical Problems

When your site goes blank after an update or you're locked out of your admin panel, 90% of the time, the fix follows a predictable, systematic path.

Suddenly facing a white screen, a critical error, or a broken site after migration can be paralyzing. This guide distills the most urgent WordPress failure scenarios into a clear, actionable roadmap. Designed for quick reference, it follows a strict "one cause, one solution" linear troubleshooting process used by professional developers to restore a site to normal function with minimal downtime.

Sudden Critical Failure: White Screen, 500 Errors, or Blank Pages

When your website becomes completely inaccessible or displays a blank/error page, the problem is usually an incompatible plugin, theme, or a server-side fatal error. The goal is to isolate the cause without panic.

Immediate Action Plan (5-Minute Diagnostics):

1. Clear All Caches: Perform a hard refresh (Ctrl + F5 or Cmd + Shift + R). Clear your caching plugin (e.g., WP Rocket, W3 Total Cache) and purge your CDN cache (e.g., Cloudflare) if applicable.

2. Disable All Plugins via FTP/SFTP:

   • Connect to your server using an FTP client like FileZilla.

   • Navigate to /wp-content/.

   • Rename the plugins directory to plugins_deactivated.

   • Refresh your website. If it loads, a plugin conflict is the cause.

3. Switch to a Default Theme via FTP/SFTP:

   • In the /wp-content/themes/ directory, rename your active theme's folder (e.g., my-theme to my-theme_deactivated).

   • WordPress will automatically fall back to a default theme like Twenty Twenty-Six. If the site works, your theme is the culprit.

If the Problem Persists – Enable Debugging:
If the above steps don't work, you need to see the underlying PHP error.

1. Access your site's root directory via FTP and locate the wp-config.php file.

2. Download it and open it in a code editor.

3. Find the line define('WP_DEBUG', false); and replace it with:

   php

   define('WP_DEBUG', true);
   define('WP_DEBUG_LOG', true); // Logs errors to /wp-content/debug.log
   define('WP_DEBUG_DISPLAY', false); // Prevents errors from displaying on screen

4. Upload the file back and refresh the problematic page. Check the /wp-content/debug.log file for the specific error message (e.g., memory exhaustion, fatal error in a specific function).

Root Cause & Permanent Fix:

• Cause: Plugin/Theme Conflict. An update introduced incompatible code.

  • Solution: With plugins disabled, rename the directory back to plugins. Activate them one-by-one, checking the site after each, to identify the faulty one. Replace or roll back the problematic plugin/theme.

• Cause: PHP Memory Limit Exhausted.

  • Solution: In wp-config.php, add define('WP_MEMORY_LIMIT', '256M'); above the /* That's all, stop editing! */ line.

• Cause: Corrupted Core File.

  • Solution: Manually re-upload a fresh set of WordPress core files (excluding wp-config.php and the /wp-content/ directory) from wordpress.org.

Admin Panel Failure: Can't Log In or Save Changes

This prevents you from managing your site. The login loop and "Update Failed" message are the most common manifestations.

Scenario A: Can't Log In (Login Loop or Password Reset Fails)

• Cause: Browser cookie corruption or a plugin/theme causing a redirect.

  • Solution: Clear your browser cache and cookies entirely. Try a different browser or incognito mode.

• Cause: Corrupted .htaccess rules or incorrect file permissions.

  • Solution: Via FTP, rename .htaccess to .htaccess_backup. Reset file permissions: directories to 755, files to 644.

• Cause: Lost admin password with non-functional email reset.

  • Solution: Use phpMyAdmin (via your hosting control panel). Find your site's database, browse the wp_users table, edit your admin user, and set a new password. Crucially, select MD5 from the function dropdown before saving.

Scenario B: Can't Save Posts/Pages ("Updating Failed" or Invalid JSON Response)

• Cause: The WordPress REST API is disabled or broken. This API is essential for the block editor and admin AJAX requests.

  • Solution: Visit https://www.wptroubleshoot.com/wp-json/. If it doesn't return a JSON response, the API is blocked.

    1. Follow the plugin/theme conflict steps above.

    2. Check if a security plugin (e.g., Wordfence) or your hosting's Web Application Firewall (ModSecurity) is blocking the /wp-json/ or /admin-ajax.php endpoints. Temporarily disable to test.

• Cause: A JavaScript conflict in the admin area.

  • Solution: Open your browser's Developer Tools (F12) and check the Console tab for red error messages when trying to save. This often points to a specific plugin's script.

Severe Performance Issues: Slow Loading & Timeouts

A slow website drives away visitors and hurts SEO. Performance optimization is layered, but start with high-impact fixes.

Immediate High-Impact Actions:

1. Implement Caching:

   • Solution: Install and configure a robust caching plugin. LiteSpeed Cache (if on LiteSpeed server) or WP Rocket are top-tier choices. Enable page caching and browser caching.

2. Optimize Images:

   • Cause: Uploading multi-megabyte, unoptimized images.

   • Solution: Use an image optimization plugin like ShortPixel or Imagify. Configure it to automatically compress new uploads and convert images to modern formats like WebP, which can reduce file size by over 50%.

3. Clean the Database:

   • Cause: Accumulation of post revisions, spam comments, and transient options.

   • Solution: Use WP-Optimize to safely clean this redundant data without manual SQL queries. Schedule weekly clean-ups.

Advanced Optimization for Persistent Slowness:

• Cause: Excessive database queries from poorly-coded plugins or themes.

  • Solution: Install the Query Monitor plugin. It identifies slow queries and the components causing them. Replace the offending plugin or request a fix from the developer.

• Cause: Unoptimized server stack.

  • Solution: Enable OPcache (for PHP script caching) and Object Caching (for database query results). If your host supports Redis, install the Redis Object Cache plugin and connect it. This is a game-changer for database-heavy sites.

• Cause: Render-blocking JavaScript/CSS.

  • Solution: Use your caching plugin's asset optimization features to defer non-critical JavaScript, combine CSS files, and load critical CSS inline.

Post-Migration or Update Catastrophe

A botched migration or update can break links, styles, and functionality. The key is methodical reversal and verification.

Problem: Site Broken After Migration (404s, Broken Images/CSS)

• Cause: Incorrect site URL in the database or hardcoded old paths.

  • Solution: Do NOT perform a simple search/replace in the database. Use the Better Search Replace plugin. It safely handles serialized data. Run it to replace all instances of your old domain (e.g., http://olddomain.com) with your new one (e.g., https://www.wptroubleshoot.com).

• Cause: Missing or incorrect permalink structure.

  • Solution: Log in to the admin panel (if accessible) and go to Settings > Permalinks. Simply click "Save Changes" to flush and regenerate the rewrite rules.

• Cause: File permissions preventing PHP from reading/writing files.

  • Solution: Set the /wp-content/ directory permissions to 755. Ensure the /wp-content/uploads/ directory is writable (usually 755).

Problem: Site Broken After Core/Plugin/Theme Update

• Cause: The new version contains a bug incompatible with your setup.

  • Solution: Roll back immediately. For plugins/themes from the official repository, use the WP Rollback plugin. For manual rollbacks, download the previous version from the developer's site and replace the files via FTP. Always test major updates on a staging site first.

Security Breach: Suspected Hacking or Malware

Unusual activity, strange admin users, or malicious redirects indicate a compromise. Speed is critical.

Emergency Response Protocol:

1. Install a Security Scanner:

   • Solution: Immediately install and run a scan with Wordfence Security or MalCare. They can identify backdoors, malicious code, and suspicious files.

2. Update Everything:

   • Solution: Update WordPress core, all themes, and all plugins to their latest versions to patch known vulnerabilities.

3. Reset All Passwords & Keys:

   • Solution: Change passwords for all admin users, FTP/SFTP, and the database. Use the Wordfence plugin to also force-logout all other sessions. In wp-config.php, regenerate your security keys using the official WordPress generator.

Long-Term Hardening Strategy:

• Cause: Weak login credentials and lack of monitoring.

  • Solution: Enforce strong passwords. Use Wordfence's two-factor authentication (2FA) and limit login attempts. Change your wp-login.php URL with a plugin like WPS Hide Login.

• Cause: No reliable, recent backup for recovery.

  • Solution: Configure automated, off-site backups with UpdraftPlus. Store backups in Google Drive or Dropbox and test the restoration process quarterly. A backup is only as good as your ability to restore it.

The systematic flow below summarizes the critical decision path for diagnosing a downed WordPress site: