403 forbidden on logout/?redirect_to=

There doesn’t appear to be a problem with that url query string. I would check the user role and change the log out to “Go to custom url” then enter a different location (e.g. /index.php or /member/) and see what happens.

I tried to change the url to custom but the url didn’t change, it remains the same.
when I paste manually something like https://sitename.xyz/logout/?redirect_to=/index.php i can logout.
but changing the url from user role not working.

when I paste manually something like https://sitename.xyz/logout/?redirect_to=/index.php i can logout.

So that is resolved. There is nothing wrong with UM. I suspect you have a server configuration problem that would be off topic discussion here.

the problem is that changing the “Go to custom url” in the UM user role not working.
the logout link remains the same – to the homepage url…

First you said that you were being redirected to a 403 page. Then that you can log out if a url is added to the custom url option. Now that you are being redirected to the home page and that it remains the same.

You don’t explain your problems well…

• This reply was modified 8 years, 4 months ago by borisv.

When i click on a logout link of the login form i’m redirected to link https://sitename.xyz/logout/?redirect_to=https://sitename.xyz and get 403 forbidden error.
If i paste in the browser address bar a link like https://sitename.xyz/logout/?redirect_to=/index.php i’m logging out,
but when i change the custom redirect in the UM user role to /index.php or /members/ the url remains the same, with no change https://sitename.xyz/logout/?redirect_to=https://sitename.xyz

at my localhost everything works fine, the problem only at the live site.

You probably have a server misconfiguration somewhere. The fact that your copy of UM works on your localhost or computer says so…

I think there is a mod_security enabled at the server thats restrict redirects with full url including https:// like this https://sitename.xyz/logout/?redirect_to=https://sitename.xyz
from the localhost the redirect not given the 403 error, but, also on the localhost changing the redirect to custom from admin panel UM user role not working, the link remains the same – to the site full homepage url with https://.
setting the redirect to custom not working.

I don’t know if that’s the reason or not but you have a misconfiguration. And if you think you have security mod restrictions then make sure to set it off in your .htaccess file located at the root directory of your WP site.

Make sure that you also have the following code present there:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

• This reply was modified 8 years, 4 months ago by borisv.