Magento EcommerceMost of the time, for most online retails, you want anyone and everyone to be able to browse your catalog. ÂYou want your product pages to be indexed on Google. ÂAnd as many visitors as possible to come and shop.

But sometimes you are not running a public store. ÂYou may have a store that is just for a select group. ÂOr your store is part of a greater online system. ÂIn any case, what you are looking for is a way to redirect visitors to the login page if they are not currently logged in. ÂIf so, here is how i did it.

It may look like a bit of a hack. ÂI prefer to think of it as a small intervention.

(edit the header.html and insert this block of code. ÂThis is in your theme, so if you switch themes you will have to replicate this in a new header.html.)


$currentUrl = $this->helper('core/url')->getCurrentUrl();

$urlField = explode('/',$currentUrl);

$baseUrl = Mage::getBaseUrl();

$location = $baseUrl . 'customer/account/login/';

if(!($urlField[6] == 'forgotpassword' || $urlField[6] == 'login' || $urlField[6] == 'create')){


echo '<script type="text/javascript">';

echo "window.location = '" . $location . "';";

echo "</script>";




ÂStepping through this Code:

  1. Get the URL so that we can see where we are.
  2. Split up the URL so that we can look at some specific parts.
  3. Grab the base url so that if we redirect, we know where to start.
  4. Check to see if we are in a place that we don't want to redirect. ÂThis list can be expanded by just adding more URL keys and possitions to the list in the OR statement. ÂThis can be CMS, or handling urls with and without the "index.php" if you are shortening your urls and don't want to leave a hole.)
  5. Check if we are logged in. Âif we are logged in, we want to skip the redirect right?
  6. If we are not logged in, we write a quick script to the page that redirects us to the previously defined location to redirect. Â(This is the intervention that sometimes feels like a hack.
So what does this do?

  • This forces visitors to login before being able to see any pages.
  • All pages where the user is not logged in to the login page except in the cases of; creating an account or using forgot password to the login page.
  • And it can be extended to include more exceptions by adding to the OR list.

And there it is. ÂIf you have a better way to do this, please let me know.