How to Fix the WordPress Login Redirect Loop
Since there are so many possible causes of this issue, and each of them requires a specific solution, in this guide, we will focus on solving the WordPress login redirect loop sub-error. First, let’s clarify what the login redirect loop error is.
It is an error that happens when you repeatedly try to log in using your credentials, but the login page keeps refreshing and opening again, denying you access to your dashboard. This is a common issue and fortunately has a relatively easy and straightforward solution. To make this article easier to navigate, we’ve broken it down into several steps:
Confirming the issue
Before troubleshooting the issue, you need to establish if it is really present. Navigate to your login page (the URL is your-site/wp-login.php) and try to login by entering your WordPress username and password. Make sure that you properly type the username and the password and press the Log In button. If the page refreshes and redirects you to the login page, with the credentials deleted from their respective fields, you’re dealing with a WordPress login redirect loop error.
Now we’ll show you how to fix this error, but first – an important reminder.
Solving the Issue
WordPress uses browser cookies for user authentication and managing sessions. However, if it’s using cookies that are cached and invalid, it may lead to a redirect loop. Therefore, the simplest first step is clearing your browser’s cache. Here’s how you can do it on Google Chrome and Mozilla Firefox.
Click on the three dots in the top right corner of the screen. In the menu, select History and once again click on History that will appear within the new menu area.
This will open a new page. Click on the Clear browsing data option in the top left corner of the screen.
In the new window, click on the Basic tab and choose the time range for clearing the data. Mark both the Cookies and other site data and Cached images and files and click on the Clear data button.
To clear cache in Firefox, click on the hamburger menu in the top right corner and select Options.
Choose the Privacy & Security option in the new window.
Scroll down to the Cookies and Site Data section and click on the Clear Data button.
In the small popup window, mark Cookies and Site Data and Cached Web Content. Finish by clicking on the Clear button.
After you clear the browser cache, try logging in to your dashboard. Since caching is the most common reason for the redirect issue, the error will probably be solved. If it isn’t, move on to the following solutions.
Another common reason for the redirection issue is a plugin conflict. To test this, you need to deactivate all plugins and try to log in to your dashboard afterward. Since you cannot access the dashboard, you’ll have to deactivate the plugins via FTP or using a control panel such as cPanel.
Deactivating your plugins via FTP
Connect to your server using your FTP credentials. Navigate to the root WordPress directory (often called public_html) and find the wp-content directory inside and open it. Right-click on the plugins folder and select the Rename option.
Rename the plugins folder (e.g. plugins.deactivated) to deactivate them. Refresh and try logging in. If the issue is gone, it means that the culprit is a faulty plugin.
To pinpoint the problematic plugin, activate all plugins and then deactivate them one by one. Between each deactivation, check if the login issue has disappeared.
First, rename the previously edited folder to its original name, i.e. to plugins. This won’t activate the plugins immediately, it will only give you the ability to activate them from your dashboard. While connected to the dashboard, navigate to Plugins > Installed Plugins and activate all plugins manually. Afterward, log out of your dashboard.
Then, connect to your server using your FTP credentials once more and navigate to this path: your-site/wp-content/plugins/. Right-click on one of the plugins’ folders and click on the Rename option.
Change the folder name (e.g. pluginname.deactivated).
Try to log in to your dashboard again. If you successfully log in, the last renamed plugin can be pinpointed as the source of the issue. Repeat the same process for all plugins, one by one, until you find the faulty one.
Deactivating your plugins via cPanel
Connect to cPanel using your credentials and click on the File Manager option, located in the Files section.
Locate your root WordPress directory (often called public_html) and click on the wp-content directory. Right-click on the plugins directory and select the Rename option.
Rename the plugins directory as you wish (e.g. plugins.deactivated).
Try to log in to your dashboard afterward. If you succeed, it means the issue is caused by one of the plugins. Pinpointing the culprit follows the same logic we’ve previously described. Reactivate all your plugins and deactivate them one by one, with login attempts in between.
Rename the plugins directory back to its original name (i.e. to plugins).
While you are still logged in to your dashboard, navigate to Plugins > Installed Plugins and activate all the plugins manually. Then, log out from your dashboard.
Connect to cPanel once more and navigate to the root WordPress directory. Open the wp-content directory and click on the plugins folder. Right-click on one of the plugins’ folders and select the Rename option.
Rename the plugin (e.g. pluginname.deactivated) and then click on the Rename File button.
By changing the plugin name, you are deactivating it. After each deactivation, try logging in to your dashboard. Once you log in successfully, you’ll know that the last deactivated plugin caused the issue. Repeat the same process for all plugins, one by one, until you find the culprit.
Once you find the faulty plugin, delete it and find an alternative plugin. If you need this particular plugin, contact its authors for further assistance.
A faulty WordPress theme is another common reason for this error. Most often, the issue occurs due to incompatibility with the latest WordPress version. To test this, switch your current theme to one of the default WordPress themes using FTP. If the login issue disappears, the theme is the culprit.
However, there are some differences in the testing process depending on the WordPress theme you’re currently using.
If you aren’t using a default theme
If you have multiple themes installed, including a default WordPress theme (e.g. Twentytwenty), you can simply deactivate the current theme via FTP. The default theme will automatically activate instead. If your following login attempt is successful, you can conclude that your current theme is the issue.
To deactivate the current theme, connect to your server using your FTP credentials and locate the root WordPress directory, often called public_html. Navigate to /wp-content/themes/ directory, right-click on the folder of your current theme and select the Rename option.
Rename the theme to deactivate it. Try to log in to your dashboard afterward.
If you are using a default theme
If you are already using a default WordPress theme, there are 2 options. You can upload a different default theme via FTP and then follow the steps we described in the previous section. The other option is to upload the latest version of your current theme to your server, overriding its files. In both cases, try logging in afterward.
To upload a theme, find it in the WordPress default theme repository and download it. You can find a specific theme using the search filter.
The downloaded files will most likely be in your Downloads folder, in a .zip file called theme-name.zip. Locate the .zip file and extract it. Connect to your server using your FTP credentials and navigate to the following path: your-site-url/wp-content/themes/.
Drag and drop the unzipped theme-name folder to upload it.
Make sure not to put the folder inside the folder(s) of the existing themes!
If your theme caused the login issue, contact its authors for further assistance.
The .htaccess file is an important server configuration file. One of its functions is restricting access to different types of users. Therefore, a corrupt .htaccess file could cause login issues. In that case, the solution is to delete the current .htaccess file and create one with the default code. You can do this both via FTP and cPanel. Before you do this, it is extremely important to create a backup of your site, or at least .htaccess file.
Deleting the .htaccess file via FTP
Connect to the server using your FTP credentials and navigate to the root WordPress directory, to the path: your-site-url/public_html. Locate the .htaccess file, right-click on it and select Delete.
If you cannot find the file, enable showing the hidden files within your FTP client of choice. In FileZilla, you can find this option under the Server tab. It is called Force showing hidden files.
Deleting the .htaccess file via cPanel
Connect to the cPanel using your credentials and click on the File Manager option.
Navigate to your root WordPress directory, find the .htaccess file, right-click on it and select Delete.
If you cannot locate the .htaccess file, click on the Settings in the top right corner, select the Show Hidden Files(dotfiles) option and press Save.
If you successfully log in to your dashboard after deleting the .htaccess file, it means that a corrupted .htaccess file caused the error. To create a new, default .htaccess file, navigate to Settings > Permalinks while logged into your dashboard, and click on Save Changes.
If you still cannot log in, restore the previous version of the .htaccess file from the backup.
Sometimes, defining your site’s URL in the wp-config file can solve the issue. This may be the solution if you have changed your domain recently. You can edit the wp-config.php file both via FTP and cPanel.
Editing the wp-config.php file via FTP
Connect to your server using your FTP credentials and navigate to the WordPress directory. Find the wp-config.php file, right-click it and select View/Edit.
Open the file using a text editor and add two lines of code above the /* That’s all, stop editing! Happy blogging. */ line. Replace the my-website.com part with your actual website URL. If your site address contains www, don’t forget to add that as well.
Save the changes, and upload the edited file back to your root WordPress directory, overriding the existing one.
Editing the wp-config.php file via cPanel
Connect to cPanel using your credentials and click on the File Manager option.
Find the file in your root WordPress directory, right-click it and select Edit.
Insert the following code above the /* That’s all, stop editing! Happy blogging. */ line.
Replace the my-website.com part with your actual website URL. If your site address contains www, don’t forget to add that as well.
Finish by clicking on the Save Changes button in the top right corner.
After editing the file, try to log in to your dashboard.
Step 6: Contact Your Hosting Provider
Although it happens rarely, in some cases, none of these methods will solve the error. In that case, contact your hosting provider for further assistance. Persistent login page redirecting error can be caused by issues with the server settings, database problems, faulty WordPress files, broken php.ini file, etc. Your hosting provider will help you deal with these less common causes of redirection error.
Equipped with this guide, you most likely managed to regain control of your WordPress dashboard. Furthermore, now you understand how various parts of your site can affect access to your dashboard. Since the WordPress login redirect loop is a common error, be sure to bookmark the article for future reference.