Site icon Hip-Hop Website Design and Development

How to Set WordPress to Automatically Log Out Idle Users

WordPress to Automatically Log Out

Web security is of prime importance these days. Just when you might think that your website does not hold any valuable information, hackers might take control of it. They might change the layout and tweak things around a bit just for fun.

Idle user sessions can lead to brute force attacks, where the hackers will use a cookie hijacking method to gain access to your site. This is why most websites these days, especially those related to the financial sector, automatically log out their inactive or idle users.

As a web site owner, you should be concerned about its safety. You can use this automatic log out feature for idle users to enhance security for your website.

As a result, inactive or idle users will be automatically kicked out after some time. Here we will see how we can configure WordPress to Automatically Log Out idle users.

Manual Method

You can manually set up WordPress to Automatically Log Out idle users using the following steps:

Paste the following code in your theme template:  
if(empty($id)){
       wp_logout();
    }

In your function.php file, paste the following code:
  add_action('wp_logout','go_home');
    function go_home(){
      wp_redirect( '/wp-login.php?action=logout&custom-logout=yes' );
      exit();
    }

    //If the custom parameter is set display the message on the login screen
    if(!empty($_GET['custom-logout']) && strtolower($_GET['custom-logout']) == "yes"){
     function custom_login_message() {
         $message = '<p class="message">Add your message here...</p><br />';
         return $message;
     }
     add_filter('login_message', 'custom_login_message');
    }

Install and Activate Logout Plugin

Use this simple and easy to use plugin to automatically log out inactive users from WordPress. Go to the WordPress Plugins area and search for Inactive Logout Plugin. Click to install and activate the Plugin.

After installing the plugin, you just need to go to settings and set the idle timeout. So now the inactive user sessions will be automatically terminated.

You can also configure a warning message to be sent to the users, alerting them that their session is about to end. It has the following features:

Idle User Logout Plugin

You can use this Plugin in WordPress to Automatically Log Out idle users. Go to the Plugins area and click on the Add New button. Search for the plugin Idle User Logout.

Select the plugin that bears the same name. Install and activate the plugin. This will create a Settings link in the left admin panel.

Click on Settings from the left panel. Click on Idle User Logout. It is present in the list of tools. The list may vary according to users but Idle User Logout will be there.

You can configure how long it takes for an auto-logout to occur. The default is 20 seconds but this might be too less, so it is advisable to set it to an optimal three hundred seconds or five minutes.

If you wish you can disable idle settings for WordPress admin, that is you. If you leave this checkbox checked, idle logout won’t happen to anyone who does not have an admin account. Please do remember to save your changes.

Related Post: How to Create a WordPress Users Email List

The post How to Set WordPress to Automatically Log Out Idle Users appeared first on SKT Themes.