How to avoid redirecting to wp-login.php when failed to login

In this knowledgebase we show you how to avoid redirecting to wp-login.php when failed to login.

A lot of times people wish to place a front end login form on their Website, which helps to hide the fact that the site is running WordPress. This works great, except when a user has a fail login attempt. When that happens, they are automatically directed to the default wp-login.php.

Open the file in this path /wp-content/themes/theme-folder/function.php using some editor like DreamWeaver.

Here you can add the below code,

add_action( 'wp_login_failed', 'fitness_login_fail' ); // hook failed login
function fitness_login_fail( $username ) {
$referrer = $_SERVER['HTTP_REFERER'];
if ( !empty($referrer) && !strstr($referrer,'wp-login') && !strstr($referrer,'wp-admin') ) {
wp_redirect(home_url() . '/?login=failed' );
exit;
}
}

You can change the wp_redirect() URL as per your need.

Rate This Article

(1 out of 3 people found this article helpful)

Leave A Comment?

This site uses Akismet to reduce spam. Learn how your comment data is processed.