Secure Your WordPress Site With a Single Sign On

Learn how to make your WordPress websites more secure with the single sign-on module for Jetpack. This will redirect your existing login page to WordPress.com's login page.

Brute force attacks are the most common occurring hacking attacks on a WordPress site. In these attacks, hackers try to log into your WordPress dashboard by using many combinations of username and passwords.

Everyone knows that the common WordPress admin URL is “wp-admin”. It can be said as a public login page, often found at example.com/wp-login.php. So, it is easy for hackers to get started with brute force attacks to gain access to your site by guessing your password through repeated trial and error method.

There are many ways to tighten the security of WordPress site. One major step you can take password-protect the WordPress admin folder and use 2-factor authentication plugin.

For this, you are recommended to activate Jetpack SSO. Single Sign On is used as a complementary sign-in option to your existing registration system.

It uses authentication part of WordPress.com. That means you will need to sign in into your site by a sign into your WordPress.com account to access the dashboard of your site. In this tutorial, I am gonna use Jetpack plugin to enable single sign on.

Features that Single Sign On provides:

  • Support 2-factor authentication without requiring any additional plugin.
  • Redirects all login attempts to WordPress.com and thus drastically reduces the load on your server and database.
  • You can use it for your multiple sites.

GET JETPACK

Set up for WordPress Single Sign On:

  1. If you already have an account with WordPress.com then log into your account. If you do not have an account, then sign up from here.
  2. Now enable two-step verification for your account by using this link.
  3. Enroll your contact number so that WordPress will send a verification code via SMS each time while logging in into your account.
  4. Now, install and activate Jetpack plugin for your WordPress site. Next, click on the Connect to WordPress.com to set up a connection between your blog and your WordPress account.
  5. After this, go to Jetpack settings and enable SSO (“Single Sign On”) feature in Security tab.
  6. Now, login to your FTP account.
  7. Click on the current theme folder and edit the functions.php file by copy-paste the following line of code after the first line.
    add_filter( 'jetpack_sso_bypass_login_forward_wpcom', '__return_true' );

    This will redirect your existing login page to the WordPress.com’s login page.

  8. Now go to Users from your site’s dashboard and click on ‘Log in with WordPress.com.

By doing this, you will link your WordPress.com account to the username that you’ve used to log into the site. This will completely disable the login form of your WordPress site. Read our complete guide to harden WordPress security.

ALSO READ

Subscribe to our newsletter

To be updated with all the latest news, offers and special announcements.

Comment Policy: Your words are your own, so be nice and helpful if you can. Please, only use your real name and limit the amount of links submitted in your comment. We accept clean XHTML in comments, but don't overdo it please.

1 COMMENT

LEAVE A REPLY

Please enter your comment!
Please enter your name here

GET STARTED

Start WordPress Blog: Ultimate Guide For Beginners

Here is our step by step guide for beginners to start a WordPress blog.

Top 6 Best WordPress Theme Frameworks

There are many websites themes which are created by using a framework. Likewise, WordPress Theme frameworks also becoming so popular. The framework allows you...

The Most Essential WordPress Plugins

Here, I have listed some excellent plugins which will surely add more features and new functionality to your WordPress blog.

Tips to Speed Up WordPress Performance

Here, I am sharing some tips to speed up WordPress performance. All you need to modify .htaccess file on your server and add some plugins.

The Ultimate Guide to Harden WordPress Security

Learn how to improve WordPress security. Here are some basic security concepts that will help you to harden WordPress security.

How to Setup CloudFlare Free SSL for WordPress Blog

Google has announced that they will count HTTPS as a ranking factor which means if you using HTTPS you will get a higher position...

DEALS

Bluehost Hosting

Get hosting for just $3.95 per month with Bluehost. Bluehost is an officially recommend WordPress host, and one of the most popular & reliable web hosts available.

POPULAR NOW

Get almost 100% PageSpeed on Newspaper theme

The newspaper theme is the most popular premium theme for a self-hosted WordPress blog. The theme is developed by team tagDiv. You...

How to Remove jQuery Migrate in WordPress?

jQuery Migrate greatly simplifies the process of moving older jQuery code to a higher jQuery version by identifying deprecated features. It then restores deprecated...

How to setup CloudFlare CDN for WordPress blog

In today's world website speed is a crucial element to getting good ranks on the web. Website speed also aids for indexing your site...

How to Delete Multiple Images in WordPress Media Gallery

Hey, guys today one of my friends asked me a question, How can I delete Multiple Images in WordPress? I replied, "It's very simple." Yeah,...

WP Super Cache Plugin: Best Settings & Configuration Guide

A cache plugin serves static contents to the visitor which improves page load speed. There are so many cache plugins available in the...

How to configure WP-Rocket plugin for WordPress site

When it comes to optimizing your website, the role of caching in WordPress can never be underestimated. What exactly is caching all about?...