Introduction
You enter your username and password, hit log in… and land right back on the login screen. No error, no dashboard — just the same form again. This is the WordPress login redirect loop, and it’s as frustrating as it is common. The good news: it’s almost always caused by one of a few specific things, and you can work through them quickly.
What Causes the Login Loop
WordPress logs you in by setting a cookie, then redirecting you to the dashboard. The loop happens when something interferes with that process — usually:
- A mismatch in your site URLs (for example,
httpvshttps, orwwwvs non-www). - Stale or blocked browser cookies.
- A corrupted
.htaccessfile. - A plugin or theme conflict, often from membership, security, or redirect plugins.
Step 1: Clear Your Browser Cookies and Cache
Because the loop is a cookie problem at heart, the quickest first test is to clear your browser’s cookies and cache for your site — or simply try logging in from a private/incognito window or a different browser. If you get straight in, stale cookies were the cause, and clearing them on your main browser resolves it.
Step 2: Check Your Site URL Settings
A mismatch between your configured site address and the address you’re actually visiting is the most common deeper cause. If you can’t reach Settings → General (because you can’t log in), set the URLs directly in wp-config.php via FTP by adding these lines, using your real address:
define( 'WP_HOME', 'https://yourdomain.com' );
define( 'WP_SITEURL', 'https://yourdomain.com' );
Make sure these exactly match how your site actually loads (including https and whether you use www). A mismatch here sends WordPress redirecting in circles.
Step 3: Regenerate the .htaccess File
A broken .htaccess — sometimes left by a redirect or SSL plugin — can trap logins in a loop. Via FTP, rename .htaccess to .htaccess_old and try logging in. If it works, generate a fresh one by visiting Settings → Permalinks and clicking Save Changes (no changes needed).
Step 4: Deactivate Plugins
If you’re still looping, a plugin is the likely culprit — especially anything that handles redirects, security, caching, or membership. Since you can’t reach the dashboard, deactivate them via FTP by renaming the /wp-content/plugins folder to plugins_old. If you can then log in, rename it back and reactivate plugins one at a time until the loop returns and reveals the offender.
Step 5: Switch to a Default Theme
Less common, but possible: a theme with custom login or redirect logic. Rename your active theme’s folder in /wp-content/themes so WordPress falls back to a default theme. If the loop clears, the theme was responsible.
Frequently Asked Questions
Why can I log in from incognito but not my normal browser?
That points squarely at cookies. Clear your site’s cookies and cache in your normal browser and the loop should disappear.
I added WP_HOME and WP_SITEURL but it’s still looping — now what?
Double-check they match your real address exactly (protocol and www). Then move on to regenerating .htaccess and deactivating plugins.
Could an SSL or “force HTTPS” setting cause this?
Yes — a redirect rule that conflicts with your site URLs can loop logins. Make sure your URLs are set to https and you don’t have duplicate HTTPS redirects fighting each other.
Is my data at risk?
No — a login loop doesn’t affect your content. It’s purely about the login/redirect process. A backup is still wise before editing wp-config.php or .htaccess.
Conclusion
The WordPress login loop feels like you’re locked out for good, but it’s really just a cookie or redirect getting in the way. Clear your cookies, confirm your site URLs, regenerate .htaccess, and rule out plugins and your theme. One of those almost always breaks the cycle and gets you back into your dashboard.
Edit core files without the worry
Before changing wp-config.php or .htaccess, take a quick backup with Nota Backup & Restore — so any change is a one-click undo. Start your 14-day free trial — no credit card required.
