Redirect failed login attempts to any location in WordPress

2 thoughts on “Redirect failed login attempts to any location in WordPress”

  1. Howdy. Wouldn’t it be better to use a native WordPress function like wp_get_referer() instead of $_SERVER[‘HTTP_REFERRER’]? Also, $referrer should probably be sanitized there with esc_url_raw() or something like that, and/or use wp_safe_redirect() instead – just to be sure $referrer wasn’t spoofed.

Comments are closed.