WordPress is an open source content management tool. It is written in PHP and MySQL. It is an easy platform to create beautiful sites. You can let multiple users sign in to the website through the content management system. During a session, if you find that your website may have been compromised or someone unauthorized is accessing the system, you can easily log out all the users at once from the site by making some changes to the WordPress configuration file. In this guide, we will guide you through the steps on how you can force log out all the users at once from the site.
- A Domain Name (e.g., example.com)
- Hosting service with cPanel Access
Go to cPanel admin URL and enter your Credentials to enter the control panel of your hosting.
Click on File Manager to access the root directory of your WordPress site.
You need to make some changes to the WordPress configuration file.
This file wp-config.php file is located inside the public_html folder of the root directory of your website. It can be accessed through the File Manager in your cPanel or through an FTP application.
When you click edit, a dialog box will appear like the one shown below. Click Edit button to edit the configuration file in the Text editor.
In the Text editor, you will find code which is related with the authentication of the user.
You can simply press Ctrl+F in your browser and search for the keyword Auth and it will take you directly to the code which will look like the one below.
These keys help in authenticating the user. These lines are also known as authentication keys & salts.
Go to WordPress Secret key api page .
This page generates new key randomly that can be implemented in the wp-config files. A randomly generated authentication key & salt pair looks like the one below.
This site generates random key everytime it gets reloaded.
Copy the newly generated keys and paste them in your wp-config.php file. Save all the changes. This will automatically throw all the user out of the system and force them to log in to the system again.
By following the above steps, you can save your website from unauthorized access by logging out everyone in the system. Never give your account credentials to an unauthorized person.