There is currently a botnet active, attacking WordPress and Joomla sites. And probably more. You should see more blocked logins. If you don’t, there is probably something wrong. But be aware, blocking IP addresses doesn’t help against a bot net with more than 90,000 IP addresses. And if you do that per plugin avoid Limit … Read more
wp_login_form() creates a form with an action attribute of site_url/wp-login.php, which means that when you click the submit button the form is posted to site_url/wp-login.php which ignores redirect_to on errors (like wrong password) so in your case either go back to using a plugin or recreate the whole login process and that way you will … Read more
In case you want to know if the user is logged in at the current moment. The other answers check if the user is logged in or not when the page loaded not the time when you’re running the javascript. The user could have logged in in a seperate tab for instance Put this in … Read more
Update: I have created a plugin for login, registration and retrieve password with email. https://wordpress.org/plugins/smart-wp-login/ Answer in short, you can configure WordPress to login with email. Three Steps: Remove default authentication function Add custom authentication function Change text “Username” in wp-login.php to “Email” One Note: Don’t edit core files. Remove WordPress default authentication function. WordPress … Read more
If you are doing this for your own site then using .htaccess might be the easiest way although it could get tricky if you want to make it work for a plugin as there would be lots of different subtle configuration differences to support. Here are some articles that could help; not all are directly … Read more
By default, the “Remember Me” checkbox makes you get remembered for 14 days. This is filterable though. This code will change that value: add_filter( ‘auth_cookie_expiration’, ‘keep_me_logged_in_for_1_year’ ); function keep_me_logged_in_for_1_year( $expirein ) { return 31556926; // 1 year in seconds }
Add below line to your wp-config.php before /* That’s all, stop editing!…*/ define(‘COOKIE_DOMAIN’, $_SERVER[‘HTTP_HOST’] ); /* That’s all, stop editing! Happy blogging. */
Disable all plugins and switch to the default theme. It should be gone now. Then enable each addon step by step, until the problem comes back. You know the source now, let’s say a plugin. The plugin calls probably wp_enqueue_script too early. Find all occurrences of that function, then make sure they are bound to … Read more
The action hook wp_login runs when the user logs in – it can run a simple function. function do_anything() { //do stuff } add_action(‘wp_login’, ‘do_anything’); documentation : https://codex.wordpress.org/Plugin_API/Action_Reference/wp_login The real breadwinner here is wp_authenticate which has a bit of documentation. It passes an array with the given username and password, which gives you the opportunity … Read more
wp_set_auth_cookie() will log a user in without having to know their password.