Light weight plugin to limit number of active logins from an account. Set maximum number of concurrent logins a user can have from multiple places.
By default in WordPress users can login using one account from unlimited devices/browsers at a time. This is not good for everyone, seriously! With this plugin you can easily set a limit for no. of active logins a user can have.
Loggedin π Features and Advantages
- Set maximum no. of active logins for a user.
- Block new logins when the login limit is reached.
- Allow new logins while logging out from other devices when the limit is reached.
- Force logout users from admin.
- Prevent users from sharing their account.
- Useful for membership sites (for others too).
- No complex settings. Just one optional field to set the limit.
- Super Light weight.
- Filter to bypass login limit for certain users or roles.
- Completely free to use with lifetime updates.
- Follows best WordPress coding standards.
Please contribute to the plugin development in GitHub.
π Important Notice
Even if the user is closing the browser without logging out, their login session exists for period of time. So this will also considered as an active login.
Bug reports are always welcome – report here.
loggedin.zip
to your plugins directory, which usually is /wp-content/plugins/
.If you would like to have an additional feature for this plugin, let me know
This plugin does not have a seperate settings page. But we have one configural settings to let you set the login limit.
Settings
page in admin dashboard.π Loggedin
.Maximum Active Logins
option.You can forcefully logout the user from other devices and allow new login.
Settings
page in admin dashboard.π Loggedin
.Login Logic
as Allow
.You block the new logins when the user is logged in from maximum no. of devices according to the limit you set.
Settings
page in admin dashboard.π Loggedin
.Login Logic
as Block
.That depends. If the βRemember Meβ box is checked while login, WordPress will keep the user logged in for 14 days by default. If βRemember Meβ is not checked, 2 days will be the active login session time.
You can change that period using, auth_cookie_expiration filter.
function loggedin_auth_cookie_expiration( $expire ) { // Allow for a month. return MONTH_IN_SECONDS; } add_filter( 'auth_cookie_expiration', 'loggedin_auth_cookie_expiration' );
You can forcefully logout a user from all the devices he has logged into. Get his WordPress user ID and,
Settings
page in admin dashboard.π Loggedin
.Force Logout
.Yes, of course. But this time you are going to add few lines of code. Don’t worry. Just copy+paste this code in your theme’s functions.php
file or in custom plugin:
function loggedin_bypass_users( $bypass, $user_id ) { // Enter the user IDs to bypass. $allowed_users = array( 1, 2, 3, 4, 5 ); return in_array( $user_id, $allowed_users ); } add_filter( 'loggedin_bypass', 'loggedin_bypass_users', 10, 2 );
Or if you want to bypass this for certain roles:
function loggedin_bypass_roles( $prevent, $user_id ) { // Array of roles to bypass. $allowed_roles = array( 'administrator', 'editor' ); $user = get_user_by( 'id', $user_id ); $roles = ! empty( $user->roles ) ? $user->roles : array(); $bypassed = array_intersect( $roles, $allowed_roles ); return ! empty( $bypassed ); } add_filter( 'loggedin_bypass', 'loggedin_bypass_roles', 10, 2 );
π Improvements
π Improvements
π¦ New
π¦ New
π Improvements
π Bug Fixes
π¦ New