wp_redirect( string $location, int $status = 302 )

Redirects to another page.

Description Description

Note: wp_redirect() does not exit automatically, and should almost always be followed by a call to exit;:

wp_redirect( $url );

Exiting can also be selectively manipulated by using wp_redirect() as a conditional
in conjunction with the ‘wp_redirect’ and ‘wp_redirect_location’ hooks:

if ( wp_redirect( $url ) ) {

Parameters Parameters


(string) (Required) The path to redirect to.


(int) (Optional) Status code to use.

Default value: 302

Top ↑

Return Return

(bool) False if $location is not provided, true otherwise.

Top ↑

Source Source

File: wp-includes/pluggable.php

function wp_redirect($location, $status = 302) {
	global $is_IIS;

	 * Filters the redirect location.
	 * @since 2.1.0
	 * @param string $location The path to redirect to.
	 * @param int    $status   Status code to use.
	$location = apply_filters( 'wp_redirect', $location, $status );

	 * Filters the redirect status code.
	 * @since 2.3.0
	 * @param int    $status   Status code to use.
	 * @param string $location The path to redirect to.
	$status = apply_filters( 'wp_redirect_status', $status, $location );

	if ( ! $location )
		return false;

	$location = wp_sanitize_redirect($location);

	if ( !$is_IIS && PHP_SAPI != 'cgi-fcgi' )
		status_header($status); // This causes problems on IIS and some FastCGI setups

	header("Location: $location", true, $status);

	return true;

Top ↑

Changelog Changelog

Version Description
1.5.1 Introduced.

Top ↑

User Contributed Notes User Contributed Notes

  1. Skip to note content
    Contributed by J.D. Grimes

    wp_redirect() does not validate that the $location is a reference to the current host. This means that this function is vulnerable to open redirects if you pass it a $location supplied by the user. For this reason, it is best practice to always use wp_safe_redirect() instead, since it will use wp_validate_redirect() to ensure that the $location refers to the current host. Only use wp_redirect() when you are specifically trying to redirect to another site, and then you can hard-code the URL.

    // We don't know for sure whether this is a URL for this site,
    // so we use wp_safe_redirect() to avoid an open redirect.
    wp_safe_redirect( $url );
    // We are trying to redirect to another site, using a hard-coded URL.
    wp_redirect( 'https://example.com/some/page' );
  2. Skip to note content
    Contributed by Codex


    <?php wp_redirect( home_url() ); exit; ?>

    Redirects can also be external, and/or use a “Moved Permanently” code :

    <?php wp_redirect( 'http://www.example.com', 301 ); exit; ?>

    The code below redirects to the parent post URL which can be used to redirect attachment pages back to the parent.

    <?php wp_redirect( get_permalink( $post->post_parent ) ); exit; ?>

You must log in before being able to contribute a note or feedback.