Support » Fixing WordPress » How secure is wp-login (with HTTP POST) cross-domain login

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator Jan Dembowski

    (@jdembowski)

    Brute Squad and Volunteer Moderator

    Give this Codex article a read, it may help you get a handle on using SSL.

    http://codex.wordpress.org/Administration_Over_SSL

    This may also help you with hardening your WordPress installation.

    http://codex.wordpress.org/Hardening_WordPress

    And if you’re really concerned with someone brute force hacking your login (and that’s a valid concern too especially if you’re not using a good login/password combination) give these a read as well.

    http://codex.wordpress.org/Brute_Force_Attacks

    Hey Jan,

    Thanks for your response, but I wasn’t really asking about how to use SSL or about brute force attacks. I’m just wondering if sending a post request with the username and password to a different domain is as secure as the same post request to the same domain, just like it now happens in a normal WordPress install.

    Most WordPress websites don’t use SSL and even if you do, you’re not protected from brute force attacks, right? That’s a different matter.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘How secure is wp-login (with HTTP POST) cross-domain login’ is closed to new replies.