Login page loop

  • Resolved giotto123

    (@giotto123)


    6 years, 7 months ago

    The Force Login plugin does indeed force me to login but after entering my username & password it just displays the login page again! I disabled all other plugins and enabled a basic theme (see below) but it still doesn’t work. Any assistance would be appreciated.

    WordPress Version 4.8.1
    Theme: Twenty Fourteen
    Plugins: ‘Force Login’ only

Viewing 6 replies - 1 through 6 (of 6 total)
  • Thread Starter giotto123

    (@giotto123)

    6 years, 7 months ago

    Some more testing reveals that I can log in if (and only if) I use the URL for the login page, i.e. https://sub.main.co.uk/wp/wp-login.php.

    If I try to log in to any other page – such as https://sub.main.co.uk – then I just get redirected to the login page each time I submit my credentials.

    Any idea what might be wrong?

    Plugin Author Kevin Vess

    (@kevinvess)

    6 years, 7 months ago

    I disabled all other plugins and enabled a basic theme (see below) but it still doesn’t work.

    I’m surprised it still didn’t work for you while using a default Twenty- theme and no other activated plugins. Did you need to clear your web server’s cache?

    Can you share your site URL, so I can take a look?

    Sorry– I can’t think of any reason why it wouldn’t work for you using a default WordPress theme and no other plugins.

    • This reply was modified 6 years, 7 months ago by Kevin Vess.
    Thread Starter giotto123

    (@giotto123)

    6 years, 7 months ago

    Thank you for your reply.

    Further tests show that log-in is successful but redirection to the original URL fails.

    The redirect_to parameter should begin with HTTPS but in fact begins with HTTP. Manually correcting this parameter seems to solve the problem.

    My website URL is of the form https://ab.mydomain.co.uk. Is there any reason why the plugin should be unable to produce the correct redirect_to parameter from this?

    Unfortunately I can’t easily share the true URL as the website is restricted to my IP address.

    Plugin Author Kevin Vess

    (@kevinvess)

    6 years, 7 months ago

    The redirect_to parameter should begin with HTTPS but in fact begins with HTTP.

    How is your site setup to redirect HTTP requests to HTTPS?

    This should be setup either by the server config or your DNS; if you’re doing the redirect using PHP, then you will have a problem if your PHP redirect fires after the Force Login redirect.

    The plugin grabs whatever URL tried to load in the browser as the redirect_to parameter – which means, if you’re site is configured for HTTPS and a user types HTTP – it will grab the HTTP URL, unless a redirect to HTTPS happens before the page tries to load.

    If you can’t configure your web server or DNS to forward HTTP URLs to HTTPS, you can filter what the redirect_to parameter is using the v_forcelogin_redirect filter as outlined in the FAQ.

    Good luck!

    • This reply was modified 6 years, 7 months ago by Kevin Vess.
    Thread Starter giotto123

    (@giotto123)

    6 years, 7 months ago

    Many thanks for your advice.

    It turns out that the site wasn’t set up to redirect HTTP requests to HTTPS. I’m no expert (obviously!) but I Googled how to do this via .htaccess and the site now works with your plugin.

    Thanks again.

    Plugin Author Kevin Vess

    (@kevinvess)

    6 years, 7 months ago

    Great! I’m glad you were able to get this resolved.

    Be sure to rate and review my plugin to let others know how you like it.

    Thanks for using Force Login!

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Login page loop’ is closed to new replies.