Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Code snippet to reject login for admin/authors from the regular login url
<?php
/*
* Code snippet to reject login for admin/authors from the regular login url
* In this example, people who have edit_posts permission is require special url string to login
* The URL need to be: https://yourdomain.com/wp-login.php?salt=your_random_url_string
* For normal users they can login without the special salt
* But If author or admin try to login it will reject the authentication
*
*/
add_action('wp_login', function ($username, $user) {
// your target salt. Feel free to customize this
$urlParamString = 'your_random_url_string';
if (user_can($user, 'edit_posts')) {
$refer = wp_get_referer();
if (!strpos($refer, $urlParamString)) {
wp_logout();
wp_redirect(wp_login_url());
exit();
}
}
}, 1, 2);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment