Get in touch
Back to blog
August 30th, 2022

How to use the auth_redirect function in WordPress

by Luca Reale

You can do many different things with redirects, and the WordPress auth_redirect function is particularly useful. It improves security and prevents users who aren’t logged in from accessing or viewing certain pages on your WordPress site. Additionally, the function makes the process of logging in simpler for users, contributing to a better user experience.

In this article, we will be explaining WordPress’s auth_redirect function and how you can implement it on your site.

What Is the WordPress auth_redirect Function?

WordPress auth_redirect is a function that checks if a user has logged in before they access a page. If they aren’t logged in, the function then redirects them to the login page.

For instance, if you have a resource meant for logged-in users only, e.g., a forum, you can add the auth_redirect function at the top of your forum page template to prevent users who aren’t logged in from viewing the forum.

Here’s what the auth_redirect looks like:

auth_redirect WordPress function
<?php auth_redirect(); ?>

If someone has their details saved within WordPress and they haven’t logged in, the system will redirect them to the login screen. Once they’ve logged in, the system will return them from whence they came (in our example, the forum page). 

So, in short, here’s the entire process:

A user tries accessing the forum page without logging in. WordPress’ auth_redirect function redirects them to the login page; they log in and are redirected to the forum they originally wanted to access.

So how do you use this function in WordPress?

How to Use auth_redirect in WordPress

You need to do a few things before you can use auth_redirect. First, you need to register it using the add_action. You can write this function in a custom WordPress Plugin or the functions.php file of your activated theme. 

Here is an example of how you can use WordPress’ auth_redirect function by writing the following code in the functions.php file of a web page:

code to add auth_redirect in functions.php
if ( is_page('user_only') &amp;&amp; ! is_user_logged_in() ) {

The is_user_logged_in function in the code simply checks if the user is logged in, it then returns either TRUE or FALSE, depending on the user’s status. If they aren’t logged in (FALSE), WordPress’s auth_redirect function takes over and ensures they’ve logged in.

In this example, auth_redirect doesn’t execute when the user is already logged in.


WordPress’ auth _redirect is a simple but important function that ensures users are logged in before accessing a resource on a website. It’s easy to implement, too, as it only requires making a small change to the functions.php file. You can combine auth_redirect with other functions to prevent non-logged-in users from viewing your web pages. 

We hope you’ve found this helpful. If you’d like to read more WordPress content, check out the rest of the Drewl blog.

Luca Reale
Content writer

Our newsletter

Our links

Our Work

Our Content


Copyright © 2023 Drewl (Luna Digital Ltd.). All rights reserved