Articles of remote login

Is the login encrypted before it is sent? If so how to do I encrypt it the same way?

I’ve moved my WordPress site onto a https server, but now I’m wondering if I still need to manually encrypt the login credentials for my remote login. Is the default login encrypted before it is sent? Everything I’ve read, code included, is all plain text which is really bad for http sites. In my other […]

SSO system between 2 WordPress installs on different servers

This is essentially a repeat of this question, but it has not been answered. I am trying to create an SSO system between two separate WordPress installs that are on different servers using different databases. The main site has a full database including a users table containing over 300,000 users. Because of the size of […]

Login with serialized password

I can manually log in an user by doing wp_signon( array( ‘user_login’ => $user, ‘user_password’ => $pass ) ); But the password must be in plain text, is there a way to log in with the already hashed password instead of plain text? Edit: It’s not like I want to login without a password, I […]

wordpress 3.9 remote token auth

I came across the following code here <?php /* Plugin Name: Remote Login Description: Log into the site with creds that work on remote site (as defined in plugin). The remote site must have XML-RPC enabled. Author: Kailey Lampert Author URI: http://kaileylampert.com/ THIS IS NOT COMPLETE – DO NOT USE IN PRODUCTION The remote site […]

How to Get Logged-in to “Remote WP Site” from my local script (in Same Browser)?

In WordPress, is it possible: To “make my current browser” to get “logged-in” to the a WP site, from a script in my localhost? Means, i will be running a script in my localhost: http://localhost/do_login.php And after that, in the same browser, when i go to: https://www.my_remote_wpsite.com/wp-admin I should already be logged in there. So […]

WordPress Security – How to block alternative WordPress access

I own a self-hosted WordPress 3.5 blog. I’m working on its security and I’m trying to prevent non-writers from accessing anything admin-ish they shouldn’t. Recently I tried Better WordPress Security, I really liked some of the htaccess suggestions they have. Primarily the one hiding /wp-admin/ with a unique key, even though it had a few […]

Give visitor access to password protected page/post via external script

Overview: On my site I want to do a customer area. There is a form where the visitor enters a name (e.g. “event_xyz”) and a password. Only some well informed circles (participants of the event xyz who want to download some files) will know the access data. By submitting, the visitor is redirected to a […]

Remote login with only the username not working

I’m writing a module for remote login into another WP site via my plugin’s admin. This is the code I’m using on the sender side: <?php add_action(‘init’, ‘connect’); function connect() { //I submit the username via a form in my plugin admin page if(isset($_POST[‘username’]) && $_POST[‘username’] != ”) { $name = $_POST[‘username’]; $response = wp_remote_post( […]

WordPress with CAS+LDAP and standard WP accounts

I have a wordpress site setup with the wpCAS-w-LDAP plugin for logins. It’s working perfectly except for one thing. We have some users who can’t login using the CAS system since they don’t have an account there (outside our control). Therefore we want to enable some kind of system where the user first is prompted […]