Why does the sub site "Forgot Password" button redirect the user to main site?

In my Multisite installation I have created a few test sub sites. I noticed that when you click on the "Forgot Password" button on a sub site Admin login screen, you get redirected to the primary site of the installation. If you continue through the process of resetting the password, it does seem to work, but then the user has to manually go back to their sub site to re-enter their login information. By default they end up on the primary site's WP login screen and if they don't notice and enter their info there, they will get an error.

I did some searching and found this is just how Multisite works, but I would have to believe there is a solution that will keep the user on their sub site through the entire password reset process? Otherwise this is a very confusing user interface that should have been fixed years ago when developers first started asking about it.

I have not installed Pro Sites yet, but will that plugin handle the password reset process differently than the way the core is configured? Will it keep them on their own sub site? If so then that should solve this problem, if not, is their a better solution that doesn't involve changing core files that will get wiped with the next core update?

Thanks for your help,
Trevor

  • Nithin

    Hey Trevor,

    Hope you are doing good today.

    I did some searching and found this is just how Multisite works, but I would have to believe there is a solution that will keep the user on their sub site through the entire password reset process? Otherwise this is a very confusing user interface that should have been fixed years ago when developers first started asking about it.

    Yes, what you have said is right, that's how Multisite works. All the subsites are in a single network, hence they'll get redirected to the main site for password reset. Unfortunately, Pro sites follows the same default behavior of the WordPress Network, and you'll still get redirected to a main site with Pro sites plugin, there isn't any out of the box settings to change that through the Pro sites plugin.

    Could you please try the following code, and see whether it works to your needs. You can add the code as a /mu-plugins:
    https://gist.github.com/eteubert/293e07a49f56f300ddbb

    Please check this link on how to configure a /mu-plugins:
    https://premium.wpmudev.org/manuals/wpmu-manual-2/using-mu-plugins/

    I haven't tested this extensively in a Pro sites environment, would recommend you to check, and see whether it fits to you needs. Have a nice day.

    Best Regards,
    Nithin

  • Trevor

    Thanks for the links. I installed the plugin in my MU folder and it seems to work... kind of.

    When you click the "Lost Password" button it refreshes the page with the form to enter your username or email address. At this point the viewer is still on their sub site URL. Then when you click the "Get New Password" button the page refreshes again on your are still on the sub site login page to enter your login info. So far this is good.

    The problem is in the password reset email. The link that you have to click on to change it takes you to the main site. Once you enter your new password and click the "Reset Password" button the page refreshes again but you are still on the main site. If you click the little login text on that page it brings up the login box for the main site and not the original sub site. If they happen to enter their login info on this page they are directed to a message that says...

    "You attempted to access the "main site " dashboard, but you do not currently have privileges on this site..."

    So I guess the next question, is there anyway to change the password reset link in the email, and if not, is it possible to just forward them back to their dashboard and bypass the "You attempted..." message? If there isn't a way to bypass that message, is there the ability to change the text on that page to be more descriptive to the user?

    If they just read the messages and do what it says, it will work, but I can imagine this will be a little confusing to most users.

    Thanks,
    Trevor

  • apurba_podder

    Hello Trevor,

    Thanks for asking. Please check this thread for solution .
    https://premium.wpmudev.org/forums/topic/you-attempted-to-access-the-dashboard-but-you-do-not-currently-have-privileges-on-this-site
    https://premium.wpmudev.org/forums/topic/how-to-make-login-redirect-take-users-to-their-blogs-homepage

    Please let us know how it went. We are here to help you. Take care.

    Best Regards,
    Apurba

  • Trevor

    Thank you for your reply. Unfortunately neither of these options worked.

    The "Redirect multisite user to their own site" plugin didn't work, at least not for this scenario. The plugin was last updated 6 months ago and states compatibility up to 4.6.4, so maybe it doesn't work with 4.7.3.

    I also tried the second option adding the code to my main site's functions.php file, and that didn't work either. It looks like that is an old thread from 2011 so maybe that code no longer works with the latest version of WP.

    Any other ideas or workarounds you can think of? Even if it was just to edit the copy that appears in that error message (and ideally rename it so it doesn't display Wordpress error).

    Thanks,
    Trevor

  • Nithin

    Hey Trevor,

    Hope you are doing good today.

    The problem is in the password reset email. The link that you have to click on to change it takes you to the main site. Once you enter your new password and click the "Reset Password" button the page refreshes again but you are still on the main site. If you click the little login text on that page it brings up the login box for the main site and not the original sub site. If they happen to enter their login info on this page they are directed to a message that says...

    I tested the code what I have shared in the initial response, in my MU system(Pro sites enabled), and the code does work fine. I'm not able to replicate the mentioned issues in my system, and reading the code it does seem to work as expected. I performed all the steps as you have mentioned, and I never got redirected to the main site.

    This seems to be a site specific issue, and most probably one of the plugins in your website is causing this issue. Would recommend you to please run a quick plugin/theme conflict test as illustrated in getting support manual (flowchart), and rule out whether any plugin is causing this issue.
    http://premium.wpmudev.org/manuals/using-wpmu-dev/getting-support/

    I hope this helps. Please let us know how that goes, have a nice day.

    Best Regards,
    Nithin

  • Trevor

    Hi Nithin,

    I used the code provided in your suggestion above and it works great. The problem was the Domain Mapping plugin. I had installed and Network Activated in preparation for installing and setting up Pro Sites. I haven't gone through the configuration process for the Domain Mapping plugin, but I'm guessing that there is a setting that needs to be made that won't cause the reset password email to link to the primary website?

    As part of this password reset process, I noticed the emails coming in are all from "WordPress" and the email address is wordpress@subsite.mydomain.com. I want to change the from name and email address. I have used the below code in the past for other website notification emails but it doesn't seem to work for the password reset emails.

    add_filter('wp_mail_from', 'new_mail_from');
    add_filter('wp_mail_from_name', 'new_mail_from_name');
    
    function new_mail_from($old) {
    return 'name@mydomain.com';
    }
    function new_mail_from_name($old) {
    return 'name';
    }

    Do you know how to update the from email information?

    Thanks,
    Trevor

  • Kasia Swiderska

    Hello Trevor,

    I tested that code with Domain Mapping and it works correctly on my site. I setup Administration mapping and Login mapping to orginal domain and there is no redirects to main site:

    Can you check if those will work for you?

    For changing WordPress emails I can suggest using SMTP plugins:
    - https://srd.wordpress.org/plugins/wp-mail-smtp/
    - https://srd.wordpress.org/plugins/easy-wp-smtp/

    Also using those plugins emails from your site less likely will go to spam folders.

    kind regards,
    Kasia