How to Redirect Failed Login Attempts to Any Location in WordPress

The code snippet given is a simple and effective way to redirect failed login attempts in WordPress to a specific location. This function could be useful in various situations, such as enhancing user experience or boosting security measures.

Let’s dive into which each line of code accomplishes.

Firstly, we define a new function wpturbo_redirect_failed_login(). This function will hold the directives on what actions to undertake when a login attempt fails.

Inside this function, we’ll find these lines:

// Specify the location to redirect to
$location = home_url();
wp_redirect( $location );
exit;

The $location variable is set to the result of home_url(), a WordPress function that gets the URL for the home (or main) page of the site. This is where the failed login will be redirected to.

In the next line, wp_redirect( $location );, the wp_redirect() function is another WordPress function designed to perform a safe (HTTP compliant) redirection to the specified URL, which we’ve defined earlier as our home URL.

The exit; after the redirect function is important because it prevents the rest of the script from running, thus forcing the redirection.

The second part of this snippet, add_action( 'wp_login_failed', 'wpturbo_redirect_failed_login' );, uses the add_action() function to plug our custom function into the WordPress lifecycle:

The first parameter, wp_login_failed, is the action we are hooking our function onto. This specific action triggers when a login attempt fails.

The second parameter, 'wpturbo_redirect_failed_login', is the name of the function to be called when the action is triggered.

Thus, this add_action call is essentially an instruction to WordPress to call our wpturbo_redirect_failed_login() function whenever a login attempt fails. When our function is called, it redirects the user to the home page.