Ready to get started?Download WordPress


[resolved] Redirect all login attempts to root login page with mod_rewrite (12 posts)

  1. Aren Cambre
    Posted 1 year ago #

    I have a mutlisite set up in subdirectory mode. I am using the Active Directory Integration plugin, which isn't network aware, so it only works on the base blog.

    If a user signs in on the base blog (to which he is automatically a subscriber), then he can go to My Sites, then find his site.

    However, if a user visits the wp-login.php for any subdirectory blog, he can't sign in. Again, the Active Directory Integration plugin isn't network aware, so you have to sign in via the base blog.

    I want to redirect all hits from sub-blogs' login pages back to the base blog's login page. This ought to work:
    RewriteRule ^.+wp-login.php(.*)$ wp-login.php$1 [L,NC]

    And, indeed, http://martinmelin.se/rewrite-rule-tester/ says it will work.

    Except it doesn't.

    All the other rules in my .htaccess appear to be working fine. Except this one. And this one is the first RewriteRule in my .htaccess!

    Is there something up with WordPress that would cause this to happen? I figured mod_rewrite stuff would fire before any PHP code runs?

    Just for grins, I turned on RewriteLog at log level three. Here's where it's trying to parse that rule for a visit to a sub-blog:

    add path info postfix: /path/to/website/subblog -> /path/to/website/subblog/wp-login.php
    strip per-dir prefix: /path/to/website/subblog/wp-login.php -> subblog/wp-login.php
    applying pattern '^.+wp-login.php(.*)$' to uri 'subblog/wp-login.php'
    rewrite 'subblog/wp-login.php' -> 'wp-login.php'
    add per-dir prefix: wp-login.php -> /path/to/website/wp-login.php
    trying to replace prefix /path/to/website/ with /
    internal redirect with /wp-login.php [INTERNAL REDIRECT]

    I'm at a loss on how to interpret this, but I thought the 4th and 5th lines were curious.

  2. It depends where you put it in your .htaccess.

    If you put the lines BELOW the WP ones, then the WP ones go first. Above, and they go second.

    Can you share your .htaccess?

  3. Aren Cambre
    Posted 1 year ago #

    Sorry for the slow response. Was out of the office for a while.

    They are above all WP ones. Here's the top few lines of the .htaccess file:

    php_value upload_max_filesize 100M
    php_value post_max_size 200M
    RewriteEngine On
    RewriteBase /
    # take users from an individual blog's login page back to the
    # root login page
    RewriteRule ^.+wp-login.php(.*)$ wp-login.php$1 [L,NC]

    ALL other redirects are after here.

  4. Hm. Well, why not cheat and use a filter? I suspect the problem is that wp-login.php passes params on it's own, and your borking those.


    // Redirect admins to the dashboard and other users elsewhere
    add_filter( 'login_redirect', 'novasource_login_redirect', 10, 3 );
    function novasource_login_redirect( $redirect_to, $request, $user ) {
        // Is there a user?
        if ( is_array( $user->roles ) ) {
            // Is it an administrator?
            if ( in_array( 'administrator', $user->roles ) )
                return home_url( '/wp-admin/' );
                // Go to the home URL of the site you're on:
                return home_url();
                // to go to a specific page on the site:
                // return get_permalink( 83 );
                // Go to the network home
                // return network_site_url();

    See http://codex.wordpress.org/Plugin_API/Filter_Reference/login_redirect :)

  5. Aren Cambre
    Posted 1 year ago #

    I suspect the problem is that wp-login.php passes params on it's own, and your borking those.

    But doesn't mod_rewrite complete its operations before the PHP executes? If this RewriteRule was working, then seems like there's no way I could possibly end up at a subsite's wp-login.

    And I wasn't clear about something. Since I am in subdirectory mode, if I hit the login page for any individual blog except the base blog, the URI stem will be /blogname/wp-login.php. I want to redirect any such hit to /wp-login.php, so that they have to log in to the base blog first.

  6. Yeah, but look at how WP has their redirects. You'd want this:

    RewriteRule ^([_0-9a-zA-Z-]+/)?wp-login.php$ wp-login.php$1 [L,NC]

    Still, it doesn't matter where they log in, does it? I mean, once you log in to subsite, you're logged in for all sites.

  7. Aren Cambre
    Posted 1 year ago #

    Still, it doesn't matter where they log in, does it? I mean, once you log in to subsite, you're logged in for all sites.

    It does matter. The Active Directory Integration plugin is not network aware, so it is only configured on the base blog. I must have users sign in on the base blog first.

    . is supposed to match any character, so ^.+wp-login.php(.*)$ ought to match, as it is saying match wp-login.php with at least one character before it.

  8. Oh bah, humbug, for plugins that aren't network aware :/

    I know . means 'any' but again, look at how WP's default .htaccess handles it. There's probably a reason they don't do it that way.

    Anyway, there are still other WP tricks like....

    function redirect_register() {
      global $blog_id;
      if ($blog_id != 1) {
        wp_redirect( 'http://maindomain.com/wp-login.php' );
    add_action( 'login_form_register', 'redirect_register' );
  9. Aren Cambre
    Posted 1 year ago #

    I figured it out with the help of colleagues. This one works:
    RewriteRule ^.+wp-login.php(.*)$ /wp-login.php$1 [L,NC,R=301]

    If I remove the ,R=301, it stops working.

    301 vs. 304? Don't care too much, as long as it redirects. But I have no clue why a 301 is required to make this work.

  10. Aren Cambre
    Posted 1 year ago #

    With more investigation, I now realize this was 100% my fault.

    I assumed RewriteRules cause redirects by default. In fact, unless explicitly specified, a RewriteRule may instead just internally proxy some other content on the same server.

    Adding the R flag forces the redirect, causing the behavior I wanted.

  11. Aren Cambre
    Posted 1 year ago #

  12. Replied there.

    IMO, you should still use ([_0-9a-zA-Z-]+/)?wp-login.php(.*)$ because that should prevent any front-facing page with 'wp-login.php' in the slug from getting redirected too. I admit the odds are astronomical in that happening, but we've met weirder users ;)

Topic Closed

This topic has been closed to new replies.

About this Topic