Auto-logout User sets an inactivity timeout for login sessions. Users are automatically logged out after a specified period to improve security and free up session resources.
What this feature does
By default, WordPress login sessions remain active for 2 weeks, or until the browser is closed if you use the "Remember Me" option. For security-sensitive sites, this is too long. A compromised login cookie gives an attacker 2 weeks of access.
This setting configures a shorter session timeout. You can set it to 1, 5, 10, 15, 20, 30, or 60 minutes. When the timeout expires, users are automatically logged out and must log in again. Sessions refresh if the user is actively using the site.
Active sessions refresh: If a user is actively using the site, their session extends automatically. Only idle sessions (no page views) expire after the timeout.
How to enable it
- Open AdminEase and navigate to Users.
- Toggle Auto-logout user on.
- Select your timeout duration from the dropdown: 1, 5, 10, 15, 20, 30, or 60 minutes.
- Save the setting. Changes take effect immediately on the next login.
Settings reference
| Setting | What it does | Default |
|---|---|---|
| Auto-logout user | Enables session timeout. Users are logged out after the specified idle period. | Off |
| Session timeout duration | How many minutes to keep sessions alive. Options: 1, 5, 10, 15, 20, 30, or 60 minutes. Visible only when Auto-logout is enabled. | (empty) |
| Select user roles Pro | Specify which user roles should be logged out. If left empty, all users are subject to the timeout. Pro only. | (empty) |
Troubleshooting
My session expires even when I'm actively using the site
If you're viewing static pages without making requests (comments, form submissions, page reloads), WordPress may not refresh your session. The timeout is based on page requests, not just browser activity. Try reloading a page to refresh your session, or reduce the timeout to suit your activity level.
Is this timeout enforced on all users?
By default, yes. This setting applies site-wide to all users. However, AdminEase Pro allows you to select specific user roles that should be subject to the timeout. For example, you can set a 5-minute timeout for editors but exclude admins. If no roles are selected in the Pro role picker, the timeout applies to all users.