Page Guard Redirect


Page Guard Redirect uses a single URL parameter or POST variable as a means of providing a token to guard access to any page on which this plugin’s shortcode is placed – redirection can be made to occur when the token fails to match what is expected (the alternative, i.e. redirect when token DOES match – is also included for completeness.)

The shortcode to use is ‘pgredirect’ – its attributes are:

tokenparam (required): a string value containing the name of the token URL param - e.g. 'mytoken'
tokenvalue (required): a string value containing the expected value of the tokenparam - e.g. 'x34ggj45b'
redirectURL (required): a string value containing the URL to redirect to (you can use an existing page as the target for the redirection - alternatively, for many configurations, setting this to a non existent page will make WordPress redirect to the default 404 "not found" page.)
redirectWhen (optional): -> when = "1", redirects when match is found, otherwise defaults to redirect on non-match

Syntax examples:

  redirect on non match (default) -
    [pgredirect tokenparam="mytoken" tokenvalue="1234abcd" redirecturl="" /]

  redirect on match (add redirectwhen="1" as an attribute) -
    [pgredirect tokenparam="mytoken" tokenvalue="1234abcd" redirectwhen="1" redirecturl="" /]


A typical use scenario might be to prevent access to a downloads page. Suppose you have a PayPal “Buy Now” button on your site which allows visitors to make a payment for say, an eBook or audio recording. When setting up the button in your PayPal account you specify a URL on your site to which the visitor is returned after they’ve made payment. On this return page you’ve added a link the visitor can use to download their purchase – however, you don’t want any non paying visitors to find the return page by chance!

Add a parameter to the end of the return URL (using any name and value you want) when you set up your button in PayPal e.g.


Next, add a pgredirect short code to your return page in WordPress –

[pgredirect tokenparam="dltoken" tokenvalue="Xc345Fd77" redirecturl="" /]

This will cause a redirect if Page Guard Redirect detects either the lack of the expected token in the URL parameter, or a value which doesn’t match the one in the short code’s tokenvalue attribute.


  1. To install the plugin, download the zip file and upload via the plugin interface of your WordPress site or install the plugin through the WordPress plugins screen directly.
  2. Activate the plugin through the ‘Plugins’ screen in WordPress


Can I use any name for my URL token parameter

Yes you can! You might like to use somewhat obfuscated token names as well as values in order to further minimise the possibility of a visitor finding your protected page purely by chance e.g.



There are no reviews for this plugin.

Contributors & Developers

“Page Guard Redirect” is open source software. The following people have contributed to this plugin.


Translate “Page Guard Redirect” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.



Added a filter to enforce use of classic editor when editing any page containing a pgredirect short code. The new block (Gutenberg) editor was found to run pgredirect’s code rather than ignoring it, resulting in a redirect away from the page needing editing.


First implementation