Title: 302 Redirect loop for locked users (with solution code) Last modified: March 8, 2017 --- # 302 Redirect loop for locked users (with solution code) * [dalgaard](https://wordpress.org/support/users/dalgaard/) * (@dalgaard) * [9 years, 2 months ago](https://wordpress.org/support/topic/302-redirect-loop-for-locked-users-with-solution-code/) * When a user is locked out, i get a 302 redirect loop to the frontpage. * I have isolated the problem to be in class-itsec-lockout.php in the execute_lock method. * This code assumes that the wp_get_current_user function does not return an object for a logged out user. But it does! It is just an empty user-object with ID = 0 * ``` $current_user = wp_get_current_user(); if ( is_object( $current_user ) && isset( $current_user->ID )) { wp_logout(); } ``` * Proposed solution (The code is almost directly taken from the example on [wp_get_current_user](https://codex.wordpress.org/Function_Reference/wp_get_current_user#Checking_Other_User_Attributes) documentation page: * ``` $current_user = wp_get_current_user(); if ( $current_user->ID !== 0) { wp_logout(); } ``` - This topic was modified 9 years, 2 months ago by [dalgaard](https://wordpress.org/support/users/dalgaard/). - This topic was modified 9 years, 2 months ago by [dalgaard](https://wordpress.org/support/users/dalgaard/). Viewing 2 replies - 1 through 2 (of 2 total) * [pronl](https://wordpress.org/support/users/pronl/) * (@pronl) * [9 years, 2 months ago](https://wordpress.org/support/topic/302-redirect-loop-for-locked-users-with-solution-code/#post-8893389) * [@dalgaard](https://wordpress.org/support/users/dalgaard/) * Yup. Though the codex wp_get_current_user() page includes the following note: * > IMPORTANT NOTE: This is for demonstration purposes ONLY. The correct way to > determine whether a user is logged in is to use the function is_user_logged_in(). * So simply use: * ``` if ( is_user_logged_in() ) wp_logout(); ``` * Where the original code of the is_user_logged_in() function is: * ``` $user = wp_get_current_user(); return $user->exists(); ``` * Do note is_user_logged_in() is a pluggable function. * Thread Starter [dalgaard](https://wordpress.org/support/users/dalgaard/) * (@dalgaard) * [9 years, 2 months ago](https://wordpress.org/support/topic/302-redirect-loop-for-locked-users-with-solution-code/#post-8938736) * Any chance that the developers will include this fix? Viewing 2 replies - 1 through 2 (of 2 total) The topic ‘302 Redirect loop for locked users (with solution code)’ is closed to new replies. * ![](https://ps.w.org/better-wp-security/assets/icon.svg?rev=3529351) * [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection](https://wordpress.org/plugins/better-wp-security/) * [Frequently Asked Questions](https://wordpress.org/plugins/better-wp-security/#faq) * [Support Threads](https://wordpress.org/support/plugin/better-wp-security/) * [Active Topics](https://wordpress.org/support/plugin/better-wp-security/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/better-wp-security/unresolved/) * [Reviews](https://wordpress.org/support/plugin/better-wp-security/reviews/) * 2 replies * 2 participants * Last reply from: [dalgaard](https://wordpress.org/support/users/dalgaard/) * Last activity: [9 years, 2 months ago](https://wordpress.org/support/topic/302-redirect-loop-for-locked-users-with-solution-code/#post-8938736) * Status: not resolved