Archive

Archive for December, 2017

Woocommerce logout without wp-login.php

December 13th, 2017 No comments

Consider the following scenario; you have a Woocommerce store up and running and you need to apply some basic security features. Restricting access to wp-admin.php and wp-login.php is at the top of my list, which can be achieved with a couple of rules in .htaccess.

Once you do this, your store should a slightly more secure and everything works fine! Up until you try to logout. Logging out requires visiting wp-login.php which is now restricted, resulting to an error and hence the user cannot log out. A workaround is detect when the Woocommerce directs to /customer-logout and log out the user using wp_logout() command. Finally, you can redirect the user to a page of your choice using wp_redirect(). I chose to redirect to My Account. The code was re-purposed from a popular demand to “Logout the user without confirmation“, which I used to achieve what I wanted.

So, include the following code to your theme’s functions.php and you should be good to go.

// Logout without confirmation.
function logout_without_confirmation() {
    global $wp;
    if ( isset( $wp->query_vars['customer-logout'] ) ) {
        wp_logout();
        wp_redirect(wc_get_page_permalink( 'myaccount' ));
        exit;
    }
}
add_action( 'template_redirect', 'logout_without_confirmation' );
Categories: web Tags: