I am building a website, with wordpress+buddypress (latest version).
In this website, I have my own custom login|signup|resetpass forms, and i do not want to link them to back-end wp-forms.
And I have blocked back-end forms for all users (default wp-login|signup|resetpass forms)(with a 404)
So if you try to reach wp-admin/wp-login you will see the 404.
I do not want to use any kind of redirection. What I want is to stop the redirection on a special URL, as to Stop the redirection from that URL to any other URLs.
I want to stop redirection from /wp-admin to /wp-login.php?redirect_to=http%3A%2F%2Fsite.com%2Fwp-admin%2F&reauth=1
When you try to reach:
www.example.com/wp-admin
and you are not logged in, you will automatically get redirected to:
example.com/wp-login.php?redirect_to=http%3A%2F%2Fsite.com%2Fwp-admin%2F&reauth=1
you will get redirected…
the URL will change automatically
this is the default action of wordpress.
i want to stop that automatic redirection.
when you try to reach /wp-admin , you have to stay at /wp-admin (you should not get a redirect to wp-login..)
please see these 2 pictures for full details :
1 – picture 1 – yoursite.com/wp-admin
2 – picture 2 – you see the url changed automatically..
- NOTE : the 404 is something i made with custom code to happen…, it’s not an error.
i’ve tested so many codes, to stop it. but none worked for me.
code number 1 :
remove_action('template_redirect', 'redirect_canonical');
code number 2 :
remove_filter('template_redirect', 'redirect_canonical');
code number 3 :
add_action(
'init',
function() {
remove_action('template_redirect', 'wp_redirect_admin_locations', 1000);
}
);
code number 4 :
function custom_wp_redirect_admin_locations() {
global $wp_rewrite;
if ( ! ( is_404() && $wp_rewrite->using_permalinks() ) )
return;
$admins = array(
home_url( 'wp-admin', 'relative' ),
);
if ( in_array( untrailingslashit( $_SERVER['REQUEST_URI'] ), $admins ) ) {
$wp_query->set_404();
get_template_part( 404 );
exit();
}
$logins = array(
home_url( 'wp-login.php', 'relative' )
);
if ( in_array( untrailingslashit( $_SERVER['REQUEST_URI'] ), $logins ) ) {
$wp_query->set_404();
get_template_part( 404 );
exit();
}
}
function remove_default_login_redirect() {
remove_action('template_redirect', 'wp_redirect_admin_locations', 1000);
add_action( 'template_redirect', 'custom_wp_redirect_admin_locations', 1000
);
}
add_action('init','remove_default_login_redirect');
coded number 5 :
add_action(
'template_redirect',
function() {
$requ = untrailingslashit($_SERVER['REQUEST_URI']);
if (site_url('wp-admin','relative') ===
untrailingslashit($_SERVER['REQUEST_URI'] )){
remove_action( 'template_redirect', 'wp_redirect_admin_locations', 1000 );
}
}
);
code number 6 :
function custom_wp_redirect_admin_locations() {
global $wp_rewrite;
if ( ! ( is_404() && $wp_rewrite->using_permalinks() ) )
return;
$requested_url = untrailingslashit( $_SERVER['REQUEST_URI'] );
$admins = array(
home_url( 'wp-admin', 'relative' ),
home_url( 'dashboard', 'relative' ),
home_url( 'admin', 'relative' ),
site_url( 'dashboard', 'relative' ),
site_url( 'admin', 'relative' ),
);
if ( in_array( untrailingslashit( $_SERVER['REQUEST_URI'] ), $admins ) ) {
redirect_canonical( $requested_url , false );
exit;
}
$logins = array(
home_url( 'wp-login.php', 'relative' )
);
if ( in_array( untrailingslashit( $_SERVER['REQUEST_URI'] ), $logins ) ) {
redirect_canonical( $requested_url , false );
exit;
}
}
function remove_default_login_redirect() {
remove_action('template_redirect', 'wp_redirect_admin_locations', 1000);
add_action( 'template_redirect', 'custom_wp_redirect_admin_locations',
1000);
}
add_action('init','remove_default_login_redirect');
whatever i used seems not to be doing the thing i want. how can i do it?
thanks a lot.
EDIT : this is not a duplicate.
i’ve read these articles too :
1 – this article
2 – this article
3 – this article
1 Answer
thanks to Tomasz Struczynski
who has explained and answered my question completely
You Can See The Answer At This Link
First – explanation.
WordPress is kind of tricky, when it comes to admin pages. Essentially, when admin page is being loaded, wp-admin/admin.php is being included. Inside this file there is a call to a function called auth_redirect() It checks, if user is logged in, and if not – redirects him to a login page.
As this function is not a typical action/filter, it is kind of hard to disable it. Fortunately, it calls several hooks on its own. One of them, auth_redirect_scheme, is called just before real redirection happens. It is meant to prepare a ‘scheme’ (http/https) for redirection, but we can exploit it to suit your goals.
I added a filter hook for auth_redirect_scheme, with priority 9999 (it does not really matter, but I wanted it to run late, just in case). I then took a piece of code from original auth_redirect() used to check, if user is logged in (wp_validate_auth_cookie). If he is, we just return value, as nothing has to be done. If the user is not logged in, though, we show an error page and exit the script (to prevent redirect of happening).
Also, just in case I disabled wp_redirect_admin_locations filter. I’m not really sure, if this is needed, but…
And now – the code. Mind, this might not be the perfect solution and will require some improvements from your part.
<?php
/**
* @packageStop_Redirect
*/
/*
Plugin Name: Stop redirect
Plugin URI:
Description: Stop redirecting anything to wp-login
Author: Tomasz Struczyński
Version: 0.1
Author URI:
*/
add_action('init', 'remove_default_redirect');
add_filter('auth_redirect_scheme', 'stop_redirect', 9999);
function stop_redirect($scheme)
{
if ( $user_id = wp_validate_auth_cookie( '', $scheme) ) {
return $scheme;
}
global $wp_query;
$wp_query->set_404();
get_template_part( 404 );
exit();
}
function remove_default_redirect()
{
remove_action('template_redirect', 'wp_redirect_admin_locations', 1000);
}
