Menu
We completely disabled the wp-login.php for security reasons.
But we would like to allow users to log out, but this requires the wp-login.php
So how could we write our own logout page that does not involve using wp-login.php ?
876
asked Dec 02 '25 09:12
Just have a page - like wp-logout.php - that runs session_destroy()
or better yet, wp_logout() (wp manual)
Albeit, I should offer an alternative to completely disabling that...
You could, for example, have a whitelist of IP's - and in your wp-login.php have:
if(!in_array($_SERVER['REMOTE_ADDR'], explode("\n",file_get_contents('whitelist.lst'))){
header("Location: http://yourpage.com"); exit();
}
Alternatively, you could just store the whitelist in an array that comes right before that...
$whitelist = array("123.456.789.100", "98.87.65.54"); //etc
91
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
