WordPress is one of the best CMS open source platform in web World and we all knows that there are several advantages and disadvantages. The wordpress has a default login page yoursite.com/wp-login.php and if someone try to use guessing password then after several times they may access your admin area. So security is one of the disadvantages of using WordPress, however there is an option which can make your site extremely secure using single sign on. Let’s discuss step by step that how you can implement single sign on to secure your site.
If you manage multiple web sites, you can login into them using single WordPress.com account and no longer have to remember multiple usernames and passwords.
Step 1: Create an account in WordPress.com using this link - https://signup.wordpress.com/start/en/?flow=delta-site. You may be required to create a dummy blog in wordpress.com as a part of the registration process.
Step 2: Once your account is created, use link below to enable for authentication - https://wordpress.com/me/security/two-step. Add your phone number, WordPress will send a verification code via SMS and you need to type the same code to verify your phone number.
Step 3: Go to your WordPress admin and install the Jetpack plugin, its available here - https://wordpress.org/plugins/jetpack/installation/, activate it and its page, please click on Connect to wordpress.com, it will link your blog site with wordpress.com.
Step4: Once activated the jetpack plugin, go to settings and activate the Single Sign On module.
Step 5: Access the site using FTP and edit the function.php which is available in wp-content/themes/used theme. Please below code after the first line in function.php -
add_filter( 'jetpack_sso_bypass_login_forward_wpcom', '__return_true' );
Step 6: Again go to site admin > users – Your Profile and, at the bottom of the page, click the button that says ‘Log in with WordPress.com’ – this will link your WordPress.com account to the username that you have used to login into the site.
This will completely disable the login form of your site and user has to use the login screen from WordPress.com. Once you login through WordPress.com, you are immediately redirected to the site admin dashboard to update the site.
Hope you can understand how its help to secure your site. If you think its helpful for you or your friend please share and like on facebook to support us.