If you ware here, you are probably experiencing the following issue:
- A WordPress feature or plugin keeps returning the following error "Sorry, you are not allowed to access this page" when you try to access it.
- This only occurs on your test and live environment but does not occur on dev or a multidev environment or local development space.
- Cloning your live database/files from your live site to your other environments has no effect, it always works on your dev/multidev/local dev environments.
- You may have checked to see if your PHP versions in all the environments match (spoiler: they do). PHP error logs, enabled WP Error logs and so forth and still are very stumped
- Tech support doesn't know the answer.
This issue happened to me with the plugin "Related Posts for WordPress" on my company's website.
This boils down a pretty easy fix but does have some asterisks that need to be attached to it. By default, Pantheon configures the
wp-config.php with a lot of preloaded things, most of which are required. You can read about it here.
wp-config.php, locate the following
So for a quick breakdown, Pantheon provides a $_ENV superglobal variable that allows for Pantheon specific configuration to be passed into WordPress so no server credentials are commited into your codebase.
One of the things that you can access from the
$_ENV variable is
PANTHEON_ENVIRONMENT. The above nugget of code checks to see if the environment is test or live, to disallow file modification. Simply removing this if statement or commenting it out will fix your issues but it comes with some caveats.
DISALLOW_FILE_MODS stops the ability to install WordPress updates, plugin updates, and plugins from being installed in WordPress on both the test and live environments. This is desirable because of Pantheon's git flow. Any changes performed to test or live will be overwritten when a lower environment is promoted upwards. Example: If I promote dev to test, any added plugins or plugin updates on test that are not commited to my code base will be lost.
So, in short, this isn't a recommended fix for websites that are not managed by developers or very savvy users. I elected to comment out the code on our site as the only users of our website for content entry are all people working in a digital agency.
That's it, one line of code fix. Hopefully this sames someone else hours of reading.