Check user logged in from outside of WP folder

If WordPress is installed in /subfolder/, then the authentication cookies will by default only valid for that path.

So if needed, you can allow the cookies in parent directory by setting the cookie constants like COOKIEPATH.

For example, if I had WordPress installed at example.com/wp/ and I wanted the authentication works at example.com/, then I’d define the following in wp-config.php: (but I don’t know much about the differences between the SITECOOKIEPATH and COOKIEPATH, other than that the former seems to be specific to Multisite)

define( 'COOKIEPATH',        "https://wordpress.stackexchange.com/" );
define( 'SITECOOKIEPATH',    "https://wordpress.stackexchange.com/" );
define( 'ADMIN_COOKIE_PATH', '/wp/wp-admin' );

But the thing is, you’d need to logout first before applying the above changes, and so does with all other users who were already logged-in on your site, i.e. log out before you applied the above changes.

So you’d want to just invalidate all (existing) WordPress cookies by changing the security keys like LOGGED_IN_KEY — all users will have to login again, but at least, they’d be able to login properly.

Related Posts:

  1. Initialize WordPress environment to use in command line script
  2. Is it possible to get post metadata of referring page?
  3. Creating a Dynamic Path to wp-blog-header.php
  4. Problem accessing wp-load.php
  5. How to load wordpress environment without loading the template?
  6. WordPress function gives different results outside vs inside PHPUnit test
  7. How to avoid wp-load.php within a PHP/CSS file?
  8. How to efficiently load and use the wordpress API from outside the original structure
  9. Best way to load WordPress Bootstrap
  10. wp-load.php not working
  11. WP_load, shortinit for wordpress Ajax
  12. WordPress Nexus Theme front-end editor broken because cannot find wp-load.php [closed]
  13. Fetching latest posts from 2 different WP installations
  14. Loading wp-load.php in an external PHP file throws unknown error
  15. Which position is after `wp-load.php`?
  16. Exploiting WordPress Core Functionality for Development
  17. How to include wp-load.php and have all plugins load as well
  18. content of the page is not displaying getting empty page [closed]
  19. How to define the basic HTTP authentication using cURL correctly?
  20. How to define the basic HTTP authentication using cURL correctly?
  21. Using Pundit for all-access “super_admin” role
  22. What is the correct way to use WordPress functions outside WordPress files?
  23. What is the very earliest action hook you can call?
  24. How to load WordPress on non WP page?
  25. Displaying content from one WP site on separate WP site
  26. What is the best way to load the WP environment in a subdomain of my multisite WordPress install?
  27. How does ifttt.com authenticate a supplied WordPress account
  28. Notice: map_meta_cap was called incorrectly
  29. how can i embed wordpress backend in iframe
  30. Initialize WordPress environment to use in a real cron script
  31. Trying to avoid including wp-load.php
  32. How to force Authentication on REST API for Password protected page using custom table and fetch() without Plugin
  33. Create a post variable processing page
  34. external wordpress pages using wp-blog-header
  35. Looking for a better way to handle an ajax script that pulls in post data on click
  36. do_action and hook methods
  37. update_option not working in stand-alone PHP script
  38. wp_enqueue_style with style.php and WordPress functions
  39. How do you load WordPress from an external script when using MultiSite? [duplicate]
  40. Why does this check to see if user is authorized to edit a post fail for all but super admins?
  41. Call to undefined function issue
  42. WordPress Authentication Middleware
  43. wp-load Without Loading the plugins
  44. Open Post Thumbnail in New Child Theme File in WordPress
  45. Authentication with internal WP_REST_Request and rest_do_request()
  46. Accessing the database from a plugin outside of action hooks
  47. Issue using wp-load.php in WordPress Plugin Development
  48. Use wordpress functions in another PHP file
  49. how to upload a image from frontend with wp_insert_post and also update_post_meta?
  50. How to access $menu variable in custom .PHP file that loads wp-load.php?
  51. Custom login doesn’t work properly
  52. getting logged in user info (wp-load.php) from parent directory
  53. Programmatically inserting post through URL – when including wp-load.php, it’s redirecting to wp-admin/install.php
  54. WordPress server change – slow admin login time for first time
  55. Load wordpress content in other domain
  56. Why I have this error when I try to install this old blog on my local webserver?
  57. Access bloginfo, get_option, and plugins_url from a non-core php file
  58. Authenticating user for custom post type [closed]
  59. WP CLI can’t delete plugin related table
  60. What hook is the currently active theme’s functions.php file loaded on? [duplicate]
  61. Use wp-load() and wp_head() to render a page’s header outside of WordPress
  62. Load Next WordPress Posts With AJAX?
  63. WordPress Users authentication with Java Application
  64. WordPress REST Api: update user
  65. Take control of WordPress before functions.php
  66. How to Restrict Access to all wp-admin pages for subscriber users
  67. Requiring Authentication for Parts of WordPress Site
  68. How can I call wp-load.php in my plugin file
  69. Proper way to use WordPress function with AJAX PHP file
  70. How to display archive page posts based on author_id
  71. I need a standalone script in web root but still have access to the database
  72. External PHP file & Pretty Permalink
  73. WordPress and IPN problem
  74. PHP mobile redirect Endless loop
  75. Require authorization for access to RSS feeds, but leave posts public
  76. Subdomain redirect problem
  77. IIS Authorization Rules breaks WP REST-API and results in fail in Site Health
  78. I created a plugin with ‘view page’ that uses MYSQL + PHP. When I use wp_insert_post(), it turns everything to HTML
  79. How to load WordPress on non WP page?
  80. WordPress custom php script to match standard page layout
  81. Getting Fatal error: Uncaught Error: Call to undefined function plugin_dir_path() when linking to another file within my wordpress plugin
  82. How do I edit disclaimer/contact information?
  83. How to get option values without requiring wp-load?
  84. Causing my WordPress functions to execute twice
  85. Error establishing a database connection – after updating DNS
  86. Retrieve data from multiple WordPress sites using PHP script
  87. What is the best practice to initialise $wpdb by loading wp-load.php?
  88. Usage of wp_send_json_success and wp_redirect at the same time
  89. Manually cache a special, non-WP-but-using-WP page (e.g. Ajax results) with W3TC
  90. Using actions, hooks and filters in a non-WordPress page
  91. Frontend file upload works, but I get error “Constant ABSPATH already defined”
  92. Get Core Functionality from Within a (Secondary) Plugin File
  93. WordPress repository forbids me call wp-load.php in non-WordPress file
  94. What is Global WordPress Objects?
  95. wordpress login blank screen [closed]
  96. Sessions in word press [duplicate]
  97. Use ajax response in PHP function
  98. Properly process a custom WP REST API request (Authenticate, Authorize + Validate)?
  99. Authenticate + Authorize WP REST API request before built-in WP JSON Schema Payload Validation?
  100. What is the difference between authentication and authorization?
tech