WordPress is ideal for creating membership websites as the software already has good built-in support for handling multiple logged in users. Then, by installing a reputable membership plugin, you can enhance this functionality to control how those users get access to your site, which content they can view, and a lot more.
However, if there comes a time when you need to force logout all users in your membership site, you’ll soon discover that this functionality isn’t present in the core WordPress software. So if you suspect that unauthorized users might be logged into your site, or you need to restrict access to your membership content before updating it, by default there’s not much you can do through the WordPress dashboard to force those users to log out.
Thankfully, as you’re about to see in this guide, it's relatively easy to force logout all users in your WordPress membership site by either installing a free plugin or taking a more hands-on approach to get the job done.
But before we get to how you can force all, or some, of your members to log out of your site, here’s a quick look at why you might want to do this in the first place.
Why Force Logout All Users in Your Membership Site
There are many reasons why you might want to force all of the users in your membership site to logout.
Dealing with Security Issues
Perhaps one of the most common scenarios is if you suspect your site has been hacked or its security has been compromised in some way. By using the WPForce Logout plugin that we look at later on in this guide, you can see exactly who is logged into your site, and then if necessary, individually force logout any of those users.
Changing Registration Policies
Another reason why you might want to force all of your users to logout is if you’ve updated the security of your membership site. If you’ve now started requiring all members or users to confirm their email address before being able to log in, but have users who've already logged in, prior to this change, you can now force logout those users, by following the advice in this guide, and require them to confirm their email before being able to log in again.
Updating Your Site and Its Content
If you’re about to update your membership site, by adding more content or perhaps changing its design, then you might want to force logout all users before starting work. Doing so will prevent them from experiencing any issues while you are working on your website.
Temporarily Closing Your Membership Site
If there’s another reason why you need to temporarily close your membership site or restrict access, then knowing how to force all of your users to log out will enable you to ensure that there isn’t anyone who still has access to your site and its content.
Removing Inactive Members
Finally, if a member cancels their subscription or their membership is terminated for some other reason, you can force log them out to end their session and prevent them from accessing your members-only content.
How to Force Logout All Users of Your WordPress Membership Site
As you’re using WordPress for your membership site, you can easily force the log out of all of your users — or just some of them — in a few clicks by using a purpose-built plugin.
In this guide, as well as showing you how to force your logged-in users to log out with a plugin, we’ll demonstrate how to do it manually, just in case you’d rather not install another plugin on your WordPress website.
However, if you think you’ll be forcing your members to logout on multiple occasions, using the recommended plugin is the most convenient method.
How to Force Logout Your WordPress Users with a Plugin
When it comes to choosing a plugin that'll enable you to force logout your membership site users, WPForce Logout is the obvious choice. Not only is this plugin free to use but it also has impressive five out of five-stars rating (albeit from only six reviews).
As this plugin is freely available, it can be installed directly from inside your WordPress dashboard. To add it to your site, simply log in to your WordPress admin area and click on the Add New item from the Plugins menu on the left side of your dashboard. From there, enter WPForce Logout into the search box, and then click on the Install Now and Activate buttons.
Once the plugin is running on your website, you can see which of your members or users are currently logged in to your site from the WordPress Users screen inside your dashboard.
From the WordPress Users screen you now force logout all users on your membership site or logout individual users. You can also logout multiple users at the same time by checking the boxes next to their details, selecting Logout from the Bulk Actions dropdown menu, and then pressing the Apply button.
Once you’ve logged out one or more users, their status will change to Offline and they will have to log in to your membership site again in order to access your protected content.
How to Force Logout All Users Without Using a Plugin
If you don’t want to use a plugin, perhaps you only need to force logout all your users once, or you’re just curious to know how it’s done, this part of our guide will explain the process for doing it in a more manual way. For this to work, you will need access to the files on your hosting server, with the ability to edit the wp-config.php file from your WordPress installation.
Two common ways to access this file include accessing your server space via the File Manager of cPanel — or another type of control panel software – provided by your web host or via FTP software. To find out how to get this access, you’ll need to refer to the documentation supplied by your choice of web host.
Once you know how to access the files on your web server, you’ll need to find the wp-config.php file that’s located inside the public_html folder of your website’s root directory.
Once you’ve found the file, you’ll need to open it for editing. First, though, it’s recommended that you back up the file, either by creating a copy of it or downloading it to your computer.
If you are accessing wp-config.php via the cPanel File Manager, you can right-click on the file, and then select Edit from the menu.
Once you’re editing the wp-config.php file, you’ll be able to change the lines that relate to the authentication of the logged in users. Doing so will force logout all of the users in your membership site.
To find the relevant part of the wp-config.php file, search for Authentication. This will take you to this part of the file:
Replacing these keys in the wp-config.php file with new ones will force logout all users on your WordPress website. To get new keys, visit the site mentioned in the file: https://api.wordpress.org/secret-key/1.1/salt/
There, you’ll find a new set of keys that you can copy and then paste into your wp-config.php file to replace the existing ones. After saving the file, all of the logged-in users will be logged out.
As long as their accounts are still active on your site, those users will be able to log in again. However, if you are working on your website and want to prevent anyone apart from yourself from logging in, you can do so with a plugin like Disable Login.
You now know two different ways to force logout all users in your membership site.
Whether you choose to use a plugin or decide to edit the wp-config.php file, it’s very easy to log out your users.
If you have any questions about this, please leave a comment below.