Custom WordPress Redirect on Login Fail

I use this snippet to change the default redirect to /wp-login when user authentication fails on attempted login.


//redirects user to the page the login form is on and adds ?login=failed to the url
add_action( ‘wp_login_failed’, ‘my_front_end_login_fail’ ); // hook failed login

//redirect on login fail (doesn’t work when user clicks empty form. The FILTER BELOW custom_authenticate_username_password fixes this problem)
function my_front_end_login_fail( $username ) {
$referrer = $_SERVER[‘HTTP_REFERER’]; // where did the post submission come from?
// if there’s a valid referrer, and it’s not the default log-in screen
if ( !empty($referrer) && !strstr($referrer,’wp-login’) && !strstr($referrer,’wp-admin’) ) {
wp_redirect( add_query_arg(‘login’, ‘failed’, $referrer) ); // let’s append some information (?login=failed) to the URL for the theme to use
//Add this filter to change how blank username/password is treated (fixes redirect when form fields are empty)
add_filter( ‘authenticate’, ‘custom_authenticate_username_password’, 30, 3);
function custom_authenticate_username_password( $user, $username, $password )
if ( is_a($user, ‘WP_User’) ) { return $user; }

if ( empty($username) || empty($password) )
$error = new WP_Error();
$user = new WP_Error(‘authentication_failed’, __(‘<strong>ERROR</strong>: Invalid username or incorrect password.’));

return $error;

To display an error on the login page add this snippet that checks the $_GET for failed login and then displays the error

<?php if ($_GET[‘login’] == failed) { ?><p class=”error”>Incorrect username or password</p><?php }; ?>

And here is the CSS for the WordPress error styling.

border: solid 1px #c00;
padding: 5px;
color: #c00;
background: #ffebe8;
-webkit-border-radius: 3px;
border-radius: 3px;
margin-top: 5px;

Leave a Reply