Instantly share code, notes, and snippets.

Embed
What would you like to do?
Added an exception to allow localhost access while my Force Login plugin is activated.
<?php
function v_forcelogin() {
$url = v_getUrl();
if( !is_user_logged_in() && preg_replace('/\?.*/', '', $url) != preg_replace('/\?.*/', '', wp_login_url()) ) {
if( $_SERVER['REMOTE_ADDR'] != '127.0.0.1' ) {
wp_safe_redirect( wp_login_url( $url ), 302 ); exit();
}
}
}
@kevinvess

This comment has been minimized.

Owner

kevinvess commented Oct 28, 2014

Keep in mind, using this code has security implications. The client can set HTTP header to any arbitrary value it wants. Meaning, someone could trick the server into thinking they're visiting the site with the 127.0.0.1 IP address and bypass the forced login.

@marbetschar

This comment has been minimized.

marbetschar commented Mar 26, 2016

Just rain in the issue here: https://wordpress.org/support/topic/wp-cron-not-running-3

Will this somehow be resolved in the official plugin? Maybe as an checkable option or by enabling WP-Cron to run either ways?

@kevinvess

This comment has been minimized.

Owner

kevinvess commented Jun 30, 2016

As of Force Login version 4.0 – exceptions for AJAX, WP-Cron, and WP-CLI requests have been added to the official plugin.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment