Log Out still redirecting to wp-login

  • I have ‘Hide Backend’ enabled, and I have successfully changed the URL of the login page. No problems there!

    But if I’m logged into WordPress and I then go to ‘Log Out’ at the top right of my Dashboard, clicking Log Out still tries to send me to the old wp-login URL. Of course, that doesn’t exist any more, so I get a 404 error page instead.

    Is there any way to fix this?

    The page I need help with: [log in to see the link]

Viewing 6 replies - 1 through 6 (of 6 total)

  • If the slug is set to opensesame the Log Out url should look similar to this:

    https://www.manek.org.uk/wp-login.php?itsec-hb-token=opensesame&action=logout&_wpnonce=23gfd4lm84

    To prevent any confusion, I’m not iThemes.

    Good Day!

    Same issue here. iThemes notified 4 weeks ago. To date, no updates received.

    Temporary Fix:

    (1) Install the plugin, titled “Code Snippets

    (2) Add a snippet, titled “Redirect WordPress Logout to Home Page,” with the following code:

    //* Redirect WordPress Logout to Home Page
add_action('wp_logout','auto_redirect_after_logout');
function auto_redirect_after_logout(){
  wp_safe_redirect( home_url() );
  exit;
};

    Hoping iThemes will step up to the plate and address this nagging issue.

    Cheers!

    Ah right, after logging out it redirects to:

    https://www.domain.com/wp-login.php?loggedout=true

    But that won’t work if the HB cookie expired after an hour.

    • This reply was modified 5 years, 4 months ago by nlpro.

    My earlier post was based on observations in the Hide Backend module code.

    Just out of curiosity actually tested the issue today and …

    Yup, the issue reproduced instantly.

    Test performed using Firefox 70.0.1 (64-bits), iTSec 7.4.1, WordPress 5.2.4

    Additionally, please be aware that the @jetxpert “fix” is a workaround that cuts off part of the core logout code. For that reason it’s probably not advisable.

    • This reply was modified 5 years, 4 months ago by nlpro.

    @nlpro

    Thanks for the info.

    As stated above, solution provided is a “Temporary Fix.” Working for us 100%.

    What would you recommend as a permanent fix? (e.g., snippet, plugin file change, etc.)

    It appears iThemes needs to chime in, confirm the issue, and fix it at earliest opportunity.

    Cheers!

    The root caus of this issue is in the class-itsec-hide-backend.php file where the Hide Backend module hooks into the wp_redirect filter but the callback doesn’t work:

    add_filter( 'wp_redirect', array( $this, 'filter_redirect' ) );

/**
 * Filter redirection URLs to login and signup pages to include the access token query arg.
 *
 * @param string $location The relative path to redirect to.
 *
 * @return string The location with conditionally added access token query arg.
 */
public function filter_redirect( $location ) {
	return $this->filter_generated_url( $location, $location );
}

    There is something obvious in the callback that makes it fail.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Log Out still redirecting to wp-login’ is closed to new replies.