Computersnyou

Add security in your wordpress login with wordpress.com SSO

Posted on  12/29/2013

If you are using self hosted WordPress based blog or using WordPress small CMS for your project , or using wordpress self hosted installation for anything ( it doesn’t matter )  and you don’t want to pay for SSL ( but its good to buy a SSL certificate  ) then you can use wordpress.com Single SignOn with JetPack Plugin . its simple OAuth Single Sign On

Setting Up :

You don’t need any coding-fu skills just install jetpack plugin from http://jetpack.me/ and activate the module . okay see how to do  custom setting from jetpack blog post .

Screen Shot 2013-12-29 at 10.22.35 pm
Screen Shot 2013-12-29 at 10.22.35 pm

Custom Settings

There are two custom overrides that you can do, and both are done by defining constants in yourwp-config.php file.

By default, if there isn’t already a local account linked to the WordPress.com account, Single Sign On will automatically link the verified WordPress.com account to a new local account with a matching email address, and log the user in. If you’d prefer to disable this functionality, and require your users to log in to their pre-existing local accounts to manually link the accounts, add this line to your wp-config.php file just before /* That's all, stop editing! Happy blogging. */

define( 'WPCC_MATCH_BY_EMAIL', false );

The WordPress.com Single Sign On module will also respect your default settings with regard to New User Registration. If you have registration disabled, then WPCC will not create a new user account if someone is trying to log in with an unrecognised email. If you have registration turned on, though, it will automatically create a new user for them, and log them in. If you would like to allow users to register for your site with a WordPress.com account, even though you disallow normal registrations, add this line to your wp-config.php file just before /* That's all, stop editing! Happy blogging. */

define( 'WPCC_NEW_USER_OVERRIDE', true );

Then , next time when you open wp-login page just use “LOGIN WITH WORDPRESS.COM ” button . by using that you will make yourself bit safer from Man In The Middle Attack  .

See post by Jetpack Team .


  • Home
  • About