wp_redirect( string $location, int $status = 302, string $x_redirect_by = ‘WordPress’ ): bool

Redirects to another page.

Description

Note: wp_redirect() does not exit automatically, and should almost always be followed by a call to exit;:

wp_redirect( $url );
exit;

Exiting can also be selectively manipulated by using wp_redirect() as a conditional in conjunction with the ‘wp_redirect’ and ‘wp_redirect_status’ filters:

if ( wp_redirect( $url ) ) {
    exit;
}

Parameters

$locationstringrequired
The path or URL to redirect to.
$statusintoptional
HTTP response status code to use. Default '302' (Moved Temporarily).

Default:302

$x_redirect_bystringoptional
The application doing the redirect. Default 'WordPress'.

Default:'WordPress'

Return

bool False if the redirect was canceled, true otherwise.

Source

function wp_redirect( $location, $status = 302, $x_redirect_by = 'WordPress' ) {
	global $is_IIS;

	/**
	 * Filters the redirect location.
	 *
	 * @since 2.1.0
	 *
	 * @param string $location The path or URL to redirect to.
	 * @param int    $status   The HTTP response status code to use.
	 */
	$location = apply_filters( 'wp_redirect', $location, $status );

	/**
	 * Filters the redirect HTTP response status code to use.
	 *
	 * @since 2.3.0
	 *
	 * @param int    $status   The HTTP response status code to use.
	 * @param string $location The path or URL to redirect to.
	 */
	$status = apply_filters( 'wp_redirect_status', $status, $location );

	if ( ! $location ) {
		return false;
	}

	if ( $status < 300 || 399 < $status ) {
		wp_die( __( 'HTTP redirect status code must be a redirection code, 3xx.' ) );
	}

	$location = wp_sanitize_redirect( $location );

	if ( ! $is_IIS && 'cgi-fcgi' !== PHP_SAPI ) {
		status_header( $status ); // This causes problems on IIS and some FastCGI setups.
	}

	/**
	 * Filters the X-Redirect-By header.
	 *
	 * Allows applications to identify themselves when they're doing a redirect.
	 *
	 * @since 5.1.0
	 *
	 * @param string $x_redirect_by The application doing the redirect.
	 * @param int    $status        Status code to use.
	 * @param string $location      The path to redirect to.
	 */
	$x_redirect_by = apply_filters( 'x_redirect_by', $x_redirect_by, $status, $location );
	if ( is_string( $x_redirect_by ) ) {
		header( "X-Redirect-By: $x_redirect_by" );
	}

	header( "Location: $location", true, $status );

	return true;
}

Hooks

apply_filters( ‘wp_redirect’, string $location, int $status )

Filters the redirect location.

apply_filters( ‘wp_redirect_status’, int $status, string $location )

Filters the redirect HTTP response status code to use.

apply_filters( ‘x_redirect_by’, string $x_redirect_by, int $status, string $location )

Filters the X-Redirect-By header.

Changelog

VersionDescription
5.4.0On invalid status codes, wp_die() is called.
5.1.0The $x_redirect_by parameter was added.
1.5.1Introduced.

User Contributed Notes

  1. Skip to note 7 content

    wp_redirect() does not validate that the $location is a reference to the current host. This means that this function is vulnerable to open redirects if you pass it a $location supplied by the user. For this reason, it is best practice to always use wp_safe_redirect() instead, since it will use wp_validate_redirect() to ensure that the $location refers to the current host. Only use wp_redirect() when you are specifically trying to redirect to another site, and then you can hard-code the URL.

    // We don't know for sure whether this is a URL for this site,
    // so we use wp_safe_redirect() to avoid an open redirect.
    wp_safe_redirect( $url );
    
    // We are trying to redirect to another site, using a hard-coded URL.
    wp_redirect( 'https://example.com/some/page' );
  2. Skip to note 8 content

    Examples

    <?php wp_redirect( home_url() ); exit; ?>

    Redirects can also be external, and/or use a “Moved Permanently” code :

    <?php wp_redirect( 'http://www.example.com', 301 ); exit; ?>

    The code below redirects to the parent post URL which can be used to redirect attachment pages back to the parent.

    <?php wp_redirect( get_permalink( $post->post_parent ) ); exit; ?>
  3. Skip to note 9 content

    Unless this is patched to perform this natively in the future, be sure to include nocache_headers(); before the wp_redirect if you want to make sure the visitor’s browser doesn’t cache the redirect page result (can even happen when this is set to use a 302 redirect) which may cause the redirect to happen for longer than desired.

    For example, this can be problematic when used to redirect to a login page when trying to access protected content since the visitor can then log in to find that they’re still taken back to the login page when trying to go back to that page they were trying to go to due to the redirect having been potentially cached by their web browser (again, even with it being a 302 redirect.) Having nocache_headers(); before the redirect prevents this potential issue.

  4. Skip to note 11 content
    /**
     * Redirect categories, tags, date, author and specific custom taxonomies to homepage
     */
    function my_redirect_taxonomy_archive() {
        // redirect category, tag, date, author archives
    	if (
    		is_category() ||
    		is_tag() ||
    		is_date() ||
    		is_author()
    	){
    		wp_redirect( home_url(), 301 );
    	} else if ( is_tax() ) { // redirect custom taxonomy term archives
    		$archive_taxonomies_to_redirect = [
    			'book',
    			'event',
    		];
    
    		foreach($archive_taxonomies_to_redirect as $taxonomy) {
    			if ( is_tax( $taxonomy ) ) {
    				wp_redirect( home_url(), 301 );
    			}
    		}
    	}
    }
    add_action( 'template_redirect', 'my_redirect_taxonomy_archive' );
  5. Skip to note 12 content

    get_permalink() is only really useful for single pages and posts, and only works inside the loop.

    WP Redirect to Current Page

    global $wp;
    wp_redirect( get_permalink( home_url( $wp->request ) ) ); 

You must log in before being able to contribute a note or feedback.