lyncd

Logout Clear Cookies for WordPress

Available immediately is a new super-simple WordPress plugin, Logout Clear Cookies, which does just what it’s name says — when you log out of your WordPress site, it will clear all the cookies that WordPress has set in your browser. Because leaving a trail of cookies behind you is bad!

The plugin is actually just one line of code (more or less), so it’s super easy to install and use (and to uninstall). There aren’t any options or configuration screens. I’ve been running it for the past couple of years without any problems, so you shouldn’t have any, either. But if you do, just let me know!

If you’re still wondering, why would I want this? Well, do you like it when you visit a website that sets cookies in your browser, but never clears them when you log out? If that’s not enough of an explanation, please see the plugin page.

The plugin is hosted on wordpress.org, so please go there to download the plugin or submit any support requests.

Filed under: Code.  Tagged: , , , .

4 comments »

  • I installed the plugin as I was having a challenge with ensuring that the login details from a previous user would be cleared upon logout. I think my challenge is related to the fact that I am using social media logins (specifically from Super Socializer). After a user logs out with the Logout Clear Cookies plugin installed. I am able to logged right back in using the previous users login by clicking the social media login button again. I was holing the logout clear cookies plugin would rid the browser session of all cookies related to logging in.

    • Right, what the plugin does is clear all cookies that have been set by WordPress, or any other application running on your server’s domain. It just clears them all!

      What it can’t do is reach through and operate the end user’s browser to clear third-party cookies (log them out of their Google account etc.) — that is prohibited by the browser’s security model, and would be a security vulnerability if a browser were to allow it.

      If you wanted to disable user access via federated login (social media, OAuth, OpenID Connect etc.), that sounds like an identity/access management problem to address with WordPress/Super Socializer on the server side, it’s nothing to do with cookies.

  • Hey, is there any chance you could make another plugin like this for clearning cache when a user logs in? I am having the same problem this way round and your code worked great

    • Sorry for the late reply, your comment got flagged by Akismet unfortunately, and I just fished it out.

      Can you explain more what problem you’re trying to solve? (And what version of WordPress?)

      I ask because I did some testing and I don’t think there should be any problems with current WordPress 5.0 — however if you have buggy plugins that are setting cookies, those might be causing problems. You can use your browser’s storage inspector (on Firefox this is SHIFT-F9) to monitor cookie values being set and read as you browse your site, log in and out etc.

      I did test and I can add a function call to clear all domain cookies when the login page is loaded, using the login_head action hook. But is that what you want, and why?

      The only cookie that WP 5.0 is even persisting now when you log out is wordpress_test_cookie, which always has the meaningless value “WP+Cookie+check”.

      I am just trying to understand what the actual problem is before adding code to the plugin to clear cookies on the login page, because if I modify the plugin it affects everybody.

      If your problem is that some plugin you’ve installed is relying on cookies that it sets, and it is behaving badly and causing problems, so you want all cookies cleared by the login page (wp-login.php), I definitely could make this plugin do that, but I need to you to confirm that and explain more first, because I’m just guessing at what you’re asking for. I don’t know what you mean by “cache” … if you mean browser cache, there is no way for a web app like WordPress to clear the browser cache.

Add a comment

You can also log in (or register) for easier commenting on lyncd.

Lyncd is an evolving group blog-in-progress. Weʼll be designing the site, adding users and content, and developing a hifalutin site focus as we go. For now, just think of our site mantra as “minimalism.” :)