Skip to content
Read For Learn
Read For Learn
  • Database
    • Oracle
    • SQL
  • C
  • C++
  • Java
  • Java Script
  • jQuery
  • PHP
Read For Learn
  • Database
    • Oracle
    • SQL
  • C
  • C++
  • Java
  • Java Script
  • jQuery
  • PHP

Disabling the login form and redirect users on logout without headers sent php warning

The warning you are receiving is because you can’t redirect the browser to another page once you have already sent content for the current page to it.

The rest of the error tells you the exact file that is sending the content you don’t yet want. You need to either:

  • ensure you run your redirect in an earlier hook, before this content has the chance to be output; or
  • fix whatever is causing this content to be output so that the redirect will function as intended

In your case, the output is coming from wp-login.php as it outputs the actual login form. This means you’re going to have to hook in before this happens.

I can see what you’ve done here, and it’s a common error: you’ve found the login_head action referred to earlier in this function (around line 37 of wp-login.php), and attempted to hook into it. The thing is, the code add_action( 'login_head', 'wp_no_robots' ); that you’ve seen here is actually hooking into login_head itself; it’s not running the action.

Looking further into wp-login.php, within this same function, we find do_action( 'login_head' ); at around line 98 (notice do_action rather than add_action). This is when your hooked code is actually running, which unfortunately is after the output that has already been sent by WordPress (the start of the login page).

So, we need to find ourselves an earlier hook. Because we’re redirecting, we really should go as early as possible, otherwise we might be making WordPress do a lot of work it’s just going to have to do all over again on the page we redirect to. Having a look at the Action Reference on the Codex, init is a pretty early hook that sounds like it might meet our needs.

Excellent. Try modifying your hooked function to use init instead of login_head.

BUT, there’s one more step we need to take… otherwise we’re going to redirect every user on every page!

Inside your function, you need to now also check that it is the login page that is being viewed. Unfortunately WordPress doesn’t offer an is_login_page() function, so we can do this instead with a quick statement that checks the global pagenow variable:

if($GLOBALS["pagenow"] == "wp-login.php"){ /* do redirect here */ }

Putting all this together, you should now successfully be able to redirect away from the login page (I haven’t tested all this yet though!):

function e4_login_form_disable() {
    if ( $GLOBALS['pagenow'] == 'wp-login.php' ){
        if ( ! isset( $_GET['gandalf'] ) || $_GET['gandalf'] != 'thewhite' ) {
            wp_redirect( home_url() );
            exit;
        }
    }
}

add_action('init', 'e4_login_form_disable');

In regards to output buffering, yes this does technically work, but it’s definitely hacky, and you shouldn’t use it when there’s an alternative available. It’ll slow down each redirect slightly too.

Related Posts:

  1. In Django, how do I know the currently logged-in user?
  2. Can I programmatically login a user without a password?
  3. Can’t log in: “ERROR: Cookies are blocked or not supported by your browser. You must enable cookies to use WordPress.”
  4. Is there any way to rename or hide wp-login.php?
  5. How to login with email only no username?
  6. How can I redirect user after entering wrong password?
  7. Increase of failed login attempts, brute force attacks? [closed]
  8. Login page ERROR: Cookies are blocked due to unexpected output
  9. Separate registration and login for different roles
  10. SSO / authentication integration with external ‘directory service’
  11. Preventing session timeout
  12. How reduce wordpress login session timeout time?
  13. How to prefill WordPress registration with social details
  14. Check for correct username on custom login form
  15. Disallow user from editing their own profile information
  16. I can’t access my site via wp-admin
  17. ‘Password field is empty’ error when using autofill in Chrome
  18. Removing username from the ‘wordpress_logged_in’ cookie
  19. How to show ‘login error’ and ‘lost password’ on my template page?
  20. What is $interim_login?
  21. Custom login form
  22. How to prefill the username/password fields on the login page
  23. wp_signon returns user, but the user is not logged in
  24. Adding extra authentication field in login page
  25. Prevent wp_login_form() from redirecting to wp-admin when there are errors
  26. Redirect user using the ‘wp_login_failed’ action hook if the error is ’empty_username’ or ’empty_password’
  27. wp_signon() does not authenticate user guidance needed
  28. What exactly is ReAuth?
  29. What are the differences between wp_users and wp_usermeta tables?
  30. Login members using web services
  31. Make my wordpress blog remember my login “forever”
  32. How to check in timber if user is loggedin?
  33. How do I change the language of only the login page?
  34. Disable WordPress 3.6 idle logout / login modal window / session expiration
  35. Stop WordPress from logging me out (need to keep me logged in)
  36. Woocommerce registration page [closed]
  37. How to disable autocomplete on the wp-login.php page
  38. Share login data/cookies between multiple installations
  39. Synchronize WordPress user accounts across multiple domains and installations without using WordPress MU
  40. How to pass users back and forth using session data?
  41. How do I change the logo on the login page?
  42. Why does WordPress hide the reset password key from the URL?
  43. Is it possible to sign in with user_email in WordPress?
  44. How to use current_user_can()?
  45. Avoid to load default WP styles in login screen
  46. WordPress registration message
  47. How to fake a WordPress login?
  48. how to display the wordpress login and register forms on a page?
  49. Does wp_logout_url() destroy a session? (Logging out question)
  50. How can I send a welcome email to a user AFTER they login for the first time?
  51. Can not login with correct username and password
  52. Website Visible only to Registered users
  53. How can i increase the login expiration length?
  54. How do I use add_action from a class method?
  55. How to remove the WordPress logo from login and register page?
  56. How can I add a custom script to footer of login page?
  57. Brute force attack?
  58. Customize wp_new_user_notification_email()
  59. Need to execute a cron job
  60. Login email after registration never sent or received
  61. How can I create a separate blog that is private?
  62. How to keep always logged in development environment
  63. Add Confirm Password field in wp-login.php Password Reset page
  64. Integrate recaptcha and wp_signon – what is needed?
  65. Stop users from logging in from multiple locations
  66. I want to disable E-Mail verifcation / activation when a user signs up for my WordPress site
  67. custom login page redirect to logged in user profile page
  68. Email address or username used to login in wordpress
  69. How do I check if a post is private?
  70. Front-end login: Redirect user to the post they had created
  71. Receiving “This content cannot be displayed in a frame” error on login page
  72. My login form does not work
  73. Programmatically log in a wordpress user
  74. Action wp_login_failed not working if only one field is filled out
  75. Getting “Cookies are blocked or not supported by your browser” on login page
  76. What is the purpose of logging out after WordPress upgrade?
  77. Is it alright for two people to simultaneously be logged into a WP site as administrator?
  78. wp-login.php redirecting to HTTPS
  79. Display last login time
  80. How to customise wp-login.php only for users who are setting a password for the first time?
  81. Intentionally Force Failed Login WordPress
  82. How do I turn off the ability to login?
  83. Gaining Login Access via the Database
  84. How can I test the login for an expired session?
  85. Give visitor access to password protected page/post via external script
  86. Send reset password link to user from custom lost password form
  87. What hooks should I use for pre-login and pre-registration actions?
  88. WordPress Login Footer URL
  89. Remove built in wordpress login and use only google auth
  90. Websites defaced by uploading script using theme editor
  91. wp_login action hook not working
  92. Make wordpress admin failed login attempt return 401
  93. Cookie settings for session across WPML subdomains using custom AJAX login
  94. How to translate “wrong password” message
  95. Login redirect_to loop with reauth=1, cookie expiry set to 1 year in past
  96. User Login Form Outside the Default wp-login Form
  97. Change sign-on URLs for security purposes
  98. Change Login Page for a Multisite Subsite
  99. Change admin login URL
  100. moving server can not login
Categories login Tags login
click on Gallery picture but pictures doesn’t appear
How To Edit User Profile In Front End?

Recommended Hostings

Cloudways: Realize Your Website's Potential With Flexible & Affordable Hosting. 24/7/365 Support, Managed Security, Automated Backups, and 24/7 Real-time Monitoring.

FastComet: Fast SSD Hosting, Free Migration, Hack-Free Security, 24/7 Super Fast Support, 45 Day Money Back Guarantee.

Recent Added Topics

  • Bug in translation system: load_theme_textdomain() returns true, files are available and accessible but the language defaults to english
  • Custom Elementor controls not appearing in the widget Advanced tab using injection hooks
  • Get the name of the template/*html file used
  • Trying to Add Paging to Single Post Page
  • Sharing media files between live and staging servers
  • How to display the description of a custom post type in the dashboard?
  • Critical error on image display
  • Copying WP data and files into new install?
  • How to determine the DirectAdmin WordPress backup date?
  • How to get list of ALL tables in the database?
© 2026 Read For Learn
  • Database
    • Oracle
    • SQL
  • algorithm
  • asp.net
  • assembly
  • binary
  • c#
  • Git
  • hex
  • HTML
  • iOS
  • language angnostic
  • math
  • matlab
  • Tips & Trick
  • Tools
  • windows
  • C
  • C++
  • Java
  • javascript
  • Python
  • R
  • Java Script
  • jQuery
  • PHP
  • WordPress