Force Login


Masquez facilement votre site WordPress au public en demandant aux visiteurs de se connecter d’abord. C’est aussi simple que d’appuyer sur un bouton.

Rendez votre site privé jusqu’à ce qu’il soit prêt à être partagé publiquement, ou gardez-le privé uniquement pour les membres.


  • Compatible avec WordPress en multisite.
  • La connexion redirige les visiteurs sur l’URL qu’ils tentaient de visiter.
  • Extensive Developer API (hooks & filters).
  • Personnalisable. Définissez une URL spécifique vers laquelle rediriger en permanence après connexion.
  • Filtre d’exceptions pour certaines pages ou articles.
  • Restrict REST API to authenticated users.
  • Prêt à traduire & certifié WPML.

Bug Reports

Bug reports for Force Login are welcomed on GitHub. Please note that GitHub is not a support forum.


Upload the Force Login plugin to your site, then Activate it.

1, 2 : c’est fait !


1. How can I specify a redirect URL on login?

By default, the plugin sends visitors back to the URL they tried to access. However, you can redirect users to a specific URL by adding the built-in WordPress filter login_redirect to your functions.php file.

2. How can I add exceptions for certain pages or posts?

You can bypass Force Login based on any condition by adding the following filter to your functions.php file.

You may use the WordPress Conditional Tags in your code.

 * Bypass Force Login to allow for exceptions.
 * @param bool $bypass Whether to disable Force Login. Default false.
 * @param string $visited_url The visited URL.
 * @return bool
function my_forcelogin_bypass( $bypass, $visited_url ) {

  // Allow 'My Page' to be publicly accessible
  if ( is_page('my-page') ) {
    $bypass = true;

  return $bypass;
add_filter( 'v_forcelogin_bypass', 'my_forcelogin_bypass', 10, 2 );

Check out the Force Login Wiki on GitHub for additional examples to allow URLs to be publicly accessible.

3. How do I hide the « ← Back to {sitename} » link?

The WordPress login screen includes a « ← Back to {sitename} » link below the login form; which may not actually take you back to the site while Force Login is activated. You can hide this link by adding the following action to your functions.php file.

Requires: WordPress 2.5 or higher

// Hide the 'Back to {sitename}' link on the login screen.
function my_forcelogin_hide_backtoblog() {
  echo '<style type="text/css">#backtoblog{display:none;}</style>';
add_action( 'login_enqueue_scripts', 'my_forcelogin_hide_backtoblog' );


6 avril 2023
So simple and so clever! As a plugin developer, a big part of my job is creating admin settings screens. So I spent a good few minutes trying to find the settings screen to fully enable this plugin. Then it dawned on me, there wasn't one. You just install, and the rest of the world is locked out. Genius! Fantastic work Kevin.Ben Roberts
20 décembre 2022
Great plugin with great support and documentation. Keep up the excellent work guys. Best Regards, George.
15 décembre 2022
I have installed ForceLogin on four wordpress sites. I found this plugin very simple -- no config to worry about. It has worked every time I tested it. I installed ForceLogin to block out site-categorization systems such as BlueCoat. Since BlueCoat doesn't have a login and can't see my site content, it will not give a bad rating against my site.
7 novembre 2022
This is a great little plugin if you like me only want to put your blog and all it's posts behind an enforced login. No user management, no additional features, only this. I've been running this plugin for quite some time and it just keeps on working.
8 octobre 2022 1 réponse
Plugin is deprecated and doesn't work, doesn't even have a control panel.
28 janvier 2022
perfect fit for my needs. so rare to find lightweight plugins. even needs no configuration. goodby "Members" plugin >.<
Lire les 92 avis

Contributeurs/contributrices & développeurs/développeuses

« Force Login » est un logiciel libre. Les personnes suivantes ont contribué à cette extension.


“Force Login” a été traduit dans 12 locales. Remerciez l’équipe de traduction pour ses contributions.

Traduisez « Force Login » dans votre langue.

Le développement vous intéresse ?

Parcourir le code, consulter le SVN dépôt, ou s’inscrire au journal de développement par RSS.



  • Fix – Fixed issue for sites with a custom login URL.


  • Fix – Fixed issue for sites with a custom login URL.


  • Fix – Fixed too many redirects issue for Multisite users.


  • Feature – Added filter for Multisite unauthorized error message.
  • Tweak – Allow logged-in Multisite users to access bypassed pages of other sites.


  • Tweak – Deprecated whitelist filter, use v_forcelogin_bypass instead.


  • Tweak – Improved the visited $url variable.
  • Tweak – Changed code to comply with WordPress standards – props Alex Bordei.


  • Feature – Added nocache_headers() to prevent caching for the different browsers – props Chris Harmoney.
  • Tweak – Removed $url parameter from whitelist filter.


  • Feature – Added $url parameter to bypass and whitelist filters.
  • Tweak – Updated Multisite conditionals which determine user access to sites.
  • Tweak – Moved ‘v_forcelogin_redirect’ filter to improve performance.


  • Fix – Improved the REST API restriction to allow alternative modes of authentication.


  • Tweak – Restrict access to the REST API for authorized users only – props Andrew Duthie.
  • Tweak – Added load_plugin_textdomain() to properly prepare for localization at


  • Feature – Added filter to bypass Force Login redirect for allowing pages without specifying a URL.
  • Tweak – Changed the hook for Force Login to run at a later stage in the WordPress tree.
  • Fix – Replaced deprecated function – props Just-Johnny.


  • Tweak – Made plugin translation ready.


  • Fix – Multisite ‘Super Admin’ users do not need assigned sites to access the network.


  • Feature – Added exceptions for AJAX, Cron and WP-CLI requests.
  • Fix – Only allow Multisite users access to their assigned sites.


  • Fix – Check for existence of explicit port number before appending port – props Björn Ali Göransson.


  • Tweak – Removed v_getUrl() function to reduce possible duplicates of global functions – props Joachim Happel.


  • Fix – Rewrote v_getUrl() function to use HTTP_HOST instead of SERVER_NAME – props Arlen22.


  • Feature – Added filter for the redirect URL on login.
  • Feature – Added filter to allow whitelisting of additional URLs.


  • Fix – Rewrote v_getUrl function to include the server port – props Nicolas.


  • Feature – Added redirect to send visitors back to the URL they tried to visit before logging in.


  • Fix – Fixed password reset URL from being blocked – props estebillan.


  • Tweak – Streamlined code


  • Fix – Allow access to the registration and the lost password page URLs – props jabdo.