Force Login


Easily hide your WordPress site from public viewing by requiring visitors to log in first. As simple as flipping a switch.

Make your website private until it’s ready to share publicly, or keep it private for members only.


  • Compatible con WordPress multisitio.
  • Login redirects visitors back to the url they tried to visit.
  • Extensive Developer API (hooks & filters).
  • Customizable. Set a specific URL to always redirect to on login.
  • Filter exceptions for certain pages or posts.
  • Restringir la API REST a usuarios identificados.
  • Translation Ready & WPML certified.

Informes de fallos

Bug reports for Force Login are welcomed on GitHub. Please note that GitHub is not a support forum.


Upload the Force Login plugin to your site, then Activate it.

1, 2: You’re done!


1. ¿Cómo puedo especificar una URL de redirección al iniciar sesión?

Por defecto, el plugin devuelve a los visitantes a la URL a la que intentaron acceder. Sin embargo, puedes redirigir a los usuarios a una URL específica añadiendo el filtro integrado de WordPress login_redirect a tu archivo functions.php.

2. How can I add exceptions for certain pages or posts?

Puedes anular el inicio de sesión forzado basándote en cualquier condición añadiendo el siguiente filtro a tu archivo functions.php.

Puedes utilizar las etiquetas condicionales de WordPress en tu código.

 * Bypass Force Login to allow for exceptions.
 * @param bool $bypass Whether to disable Force Login. Default false.
 * @param string $visited_url The visited URL.
 * @return bool
function my_forcelogin_bypass( $bypass, $visited_url ) {

  // Allow 'My Page' to be publicly accessible
  if ( is_page('my-page') ) {
    $bypass = true;

  return $bypass;
add_filter( 'v_forcelogin_bypass', 'my_forcelogin_bypass', 10, 2 );

Consulta Force Login Wiki en GitHub para ver ejemplos adicionales para permitir que las URL sean de acceso público.

3. ¿Cómo oculto el enlace « Volver a {siteame}»?

The WordPress login screen includes a « Back to {sitename}» link below the login form; which may not actually take you back to the site while Force Login is activated. You can hide this link by adding the following action to your functions.php file.

Requires: WordPress 2.5 or higher

// Hide the 'Back to {sitename}' link on the login screen.
function my_forcelogin_hide_backtoblog() {
  echo '<style type="text/css">#backtoblog{display:none;}</style>';
add_action( 'login_enqueue_scripts', 'my_forcelogin_hide_backtoblog' );


12 de junio de 2024
I find your plugin Force Login very useful and I love using it. Thank you very much. This plugin helps me to easily start a private site that only I can see or a closed site managed by a few members. I also love the fact that I can organize my members by simply managing WordPress users.
4 de abril de 2024
Simple plugin, no fuss, works as promised. Such a simple function that could easily be implemented but here we are, using a brilliant plugin. Thanks.
15 de diciembre de 2023
A great plugin that I’ve used for many years to protect sites in development. The author has been very helpful and patient when I requested help with a specialized coding question.
31 de julio de 2023
works great so far 👍 while other plugins had conflict with GSAP animation 😯…
Leer todas las 98 reseñas

Colaboradores y desarrolladores

«Force Login» es un software de código abierto. Las siguientes personas han colaborado con este plugin.


«Force Login» está traducido en 12 idiomas. Gracias a los traductores por sus contribuciones.

Traduce «Force Login» a tu idioma.

¿Interesado en el desarrollo?

Revisa el código , echa un vistazo al repositorio SVN o suscríbete al registro de desarrollo por RSS.

Registro de cambios


  • Fix – Fixed issue for sites with a custom login URL.


  • Fix – Fixed issue for sites with a custom login URL.


  • Fix – Fixed too many redirects issue for Multisite users.


  • Feature – Added filter for Multisite unauthorized error message.
  • Tweak – Allow logged-in Multisite users to access bypassed pages of other sites.


  • Tweak – Deprecated whitelist filter, use v_forcelogin_bypass instead.


  • Tweak – Improved the visited $url variable.
  • Tweak – Changed code to comply with WordPress standards – props Alex Bordei.


  • Feature – Added nocache_headers() to prevent caching for the different browsers – props Chris Harmoney.
  • Tweak – Removed $url parameter from whitelist filter.


  • Feature – Added $url parameter to bypass and whitelist filters.
  • Tweak – Updated Multisite conditionals which determine user access to sites.
  • Tweak – Moved ‘v_forcelogin_redirect’ filter to improve performance.


  • Fix – Improved the REST API restriction to allow alternative modes of authentication.


  • Tweak – Restrict access to the REST API for authorized users only – props Andrew Duthie.
  • Tweak – Added load_plugin_textdomain() to properly prepare for localization at


  • Feature – Added filter to bypass Force Login redirect for allowing pages without specifying a URL.
  • Tweak – Changed the hook for Force Login to run at a later stage in the WordPress tree.
  • Fix – Replaced deprecated function – props Just-Johnny.


  • Tweak – Made plugin translation ready.


  • Fix – Multisite ‘Super Admin’ users do not need assigned sites to access the network.


  • Feature – Added exceptions for AJAX, Cron and WP-CLI requests.
  • Fix – Only allow Multisite users access to their assigned sites.


  • Fix – Check for existence of explicit port number before appending port – props Björn Ali Göransson.


  • Tweak – Removed v_getUrl() function to reduce possible duplicates of global functions – props Joachim Happel.


  • Fix – Rewrote v_getUrl() function to use HTTP_HOST instead of SERVER_NAME – props Arlen22.


  • Feature – Added filter for the redirect URL on login.
  • Feature – Added filter to allow whitelisting of additional URLs.


  • Fix – Rewrote v_getUrl function to include the server port – props Nicolas.


  • Feature – Added redirect to send visitors back to the URL they tried to visit before logging in.


  • Fix – Fixed password reset URL from being blocked – props estebillan.


  • Tweak – Streamlined code


  • Fix – Allow access to the registration and the lost password page URLs – props jabdo.