redirect_to not kept

Hello,

Thanks for using WPS Hide Login.

Are you using any plugin enabling this redirect after login or a have you put a custom code in your code ?

In the first case, there must be a filter the plugin team can share with you and us.

Hello Maxime

This redirect is a native behavior of WordPress, when you try to access to a back-office page while you are not logged in. We need to use this native behavior to have valid URL for specific back-office pages using our secret login URL generated by WPS Hide Plugin. For now, we do not have any custom code for that. So could you share the filter to add ?

Thank you in advance !

Hello,

But WPS Hide Login works well with native WordPress login behaviors. That’s why I asked for plugins or code.

There may be a conflict between other plugins ? Are you using login page customiser or anything else ?

Have you tried to deactivate every plugins except WPS Hide Login to check if the issue still appears ?

Thank you very much for your help.

I have tested today the plugin on a brand new WordPress, and I identified the issue with this test URL : https://sandbox.oliv-it.fr/mysecurelogin?redirect_to=https%3A%2F%2Fsandbox.oliv-it.fr%2Fwp-admin%2Fpost.php%3Fpost%3D3%26action%3Dedit&reauth=1

The redirection works when the user is not yet logged in.
In that case, the user sees the login page and then he is redirected to the right admin page : https://sandbox.oliv-it.fr/wp-admin/post.php?post=3&action=edit

But if the user was already identified earlier (session kept in cookies), then he is directly redirected to the back-office home page https://sandbox.oliv-it.fr/wp-admin/ (instead of the right specific page).

May that be a bug of the plugin ?

• This reply was modified 1 year, 10 months ago by Pierre-Emmanuel.

if you want, I can send you by private message id+password to my sandbox wordpress

?@pedubreuil Please don’t offer to send or post logon credentials on these forums: https://www.ads-software.com/support/guidelines#the-bad-stuff

It is not OK to offer, enter, or send site credentials on these forums. Thanks for your cooperation.

Please note that the plugin dev can get in serious trouble here if they accept your offer.

sorry @sterndata : this was just about giving access to a sandbox, used only to reproduce the bug of this plugin, but I understand the policy on the forum.

I hope @seinomedia you will find quickly how to solve this bug of the plugin. Thank you in advance!

Sandbox or not, it’s a no-no.

Hello @pedubreuil

The bad redirect for logged in users is due to cache. You’ve to exclude wp-admin and wp-login.php pages from cache in your cache plugin or in your CDN settings.

Hi @seinomedia

Unfortunately, I still have the same issue in my sandbox WordPress, with no cache plugin and no CDN. Could you try the test case on your own environment and tell me if you can reproduce or not the issue ?

and I do not have this issue with your plugin disabled

WordPress redirects to wp-admin after login not to redirect=… Then, you must use another plugin which creates this redirect.

I have done multiple tests, and I am sure that is not the default behavior of WordPress : without your plugin, I am always redirected to the target URL mentionned here :“login.php?redirect_to=…“ (regardless of whether the user is logged in or not).

But when I activate your plugin “WPS Hide Login”, if the user is already logged in, the target URL is not considered and I am always redirected to the home page of /wp-admin/

I cannot understand how another plugin could modify this behavior of “WPS Hide Login” : could you detail how I can fix that ?

Please read my answers.

The defautl WordPress behaviour redirects to /wp-admin/ after login and to /wp-login.php/?loggedout=true&wp_lang=fr_FR. WPS Hide Login is fully compatible with that and the “lost password link”.

Then, your links (redirect=…=) aren’t due to WPS Hide Login.

OK… could you just try to do those tests on your side and tell me what behavior you see ?

A# without WPS Hide Login

1. log out from your WordPress (=> not authentified)
2. Go to this URL : https://YOUR_WEBSITE/wp-admin/plugins.php
3. Copy the URL (which should look like this : https://YOUR_WEBSITE/wp-login.php?redirect_to=https%3A%2F%2FYOUR_WEBSITE%2Fwp-admin%2Fplugins.php&reauth=1 )
4. Log in with your credentials
5. You will be redirected to the plugins list page
6. Open a new tab in your browser
7. Paste the URL that you copied before
8. You will again be redirected to the plugins list page

B# with WPS Hide Login

1. log out from your WordPress (=> not authentified)
2. Go to the URL : https://YOUR_WEBSITE/YOUR_SECURE_LOGIN?redirect_to=https%3A%2F%2FYOUR_WEBSITE%2Fwp-admin%2Fplugins.php&reauth=1 )
3. Log in with your credentials
4. You will be redirected to the plugins list page
5. Open a new tab in your browser
6. Go again to the same URL than before
7. You will be redirected to the /wp-admin/ homepage (instead of the plugins list)