When your website redirects a visitor, it’s not always clear who is doing that redirect. Is it WordPress itself? A plugin? Or maybe your theme?

That’s where the X-Redirect-By header comes in. It’s like a small visiting card attached to the redirect, telling you exactly which application is responsible.

How WordPress Handles It

WordPress has a handy function called wp_redirect(). By default, it adds the header:

# WordPress Core
x-redirect-by: WordPress

# WordPress Core
x-redirect-by: WordPress

But here’s the nice part—you can change it. The function signature looks like this:

wp_redirect( string $location, int $status = 302, string $x_redirect_by = ‘WordPress’ ): bool

wp_safe_redirect( string $location, int $status = 302, string $x_redirect_by = ‘WordPress’ ): bool

# The `$x_redirect_by` parameter was added in WordPress version 5.1.0

wp_redirect( string $location, int $status = 302, string $x_redirect_by = ‘WordPress’ ): bool

wp_safe_redirect( string $location, int $status = 302, string $x_redirect_by = ‘WordPress’ ): bool

# The `$x_redirect_by` parameter was added in WordPress version 5.1.0

That third argument ($x_redirect_by) is where you can put your own label. For example, if your plugin is handling the redirect, you can pass its name there.

Why It Matters

Think of a situation: you’re debugging a site, and suddenly you’re redirected. Without this header, you’ll be scratching your head—“Which plugin did this?”

With X-Redirect-By, you’ll know immediately. It saves time, avoids confusion, and makes support much easier.

Examples

Here are some headers you’ll commonly see:

# Safe Redirect Manager Plugin
x-redirect-by: Safe Redirect Manager

# Redirection Plugin
x-redirect-by: redirection

# Yoast SEO Premium Plugin
x-redirect-by: Yoast SEO Premium

# Safe Redirect Manager Plugin
x-redirect-by: Safe Redirect Manager

# Redirection Plugin
x-redirect-by: redirection

# Yoast SEO Premium Plugin
x-redirect-by: Yoast SEO Premium

So, just by looking at the response headers, you can tell who’s in charge.

Pro Tip

Whenever you use wp_redirect() or wp_safe_redirect(), don’t forget the third argument. Put your plugin or theme name there.

If you want to be extra clear, you can even add a specific label like:

X-Redirect-By: myplugin-legacy-url-redirect

X-Redirect-By: myplugin-legacy-url-redirect

This way, anyone checking headers knows exactly what’s happening.

Using the x_redirect_by hook, you can easily change the value of the X-Redirect-By header.

/**
 * Filters the X-Redirect-By header.
 *
 * Allows applications to identify themselves when they're doing a redirect.
 *
 * @since 5.1.0
 *
 * @param string $x_redirect_by The application doing the redirect.
 * @param int    $status        Status code to use.
 * @param string $location      The path to redirect to.
 */
$x_redirect_by = apply_filters( 'x_redirect_by', $x_redirect_by, $status, $location );

/**
 * Filters the X-Redirect-By header.
 *
 * Allows applications to identify themselves when they're doing a redirect.
 *
 * @since 5.1.0
 *
 * @param string $x_redirect_by The application doing the redirect.
 * @param int    $status        Status code to use.
 * @param string $location      The path to redirect to.
 */
$x_redirect_by = apply_filters( 'x_redirect_by', $x_redirect_by, $status, $location );

Conclusion

The X-Redirect-By header is a small but powerful. It’s a tiny detail that makes debugging smoother and gives your work a professional touch.