Skip to content
Read For Learn
Read For Learn
  • Database
    • Oracle
    • SQL
  • C
  • C++
  • Java
  • Java Script
  • jQuery
  • PHP
Read For Learn
  • Database
    • Oracle
    • SQL
  • C
  • C++
  • Java
  • Java Script
  • jQuery
  • PHP

If I use an alternative login (e.g. CAS or other SSO) plugin, is my site protected from the recent brute force login attempts?

If CAS is the only login method, I think your blog should be protected. But, the atackers don’t care about alternative login methods. They simply send request against wp-login.php.

So if you still have an account named “admin”, CAS cannot protect your blog. Let’s think about the worst case. Assuming you have an account named “admin” with the password “1234”, but you use always CAS to login but with a different admin account. The attackers still can access your blog through wp-login.php and can get access.

You can try to rename the wp-login.php and test if everything still works. If it so, fine. If not, you have to protect your blog with other additional methods (like login löockdown).

Related Posts:

  1. Prevent Brute Force Attack
  2. Too many login attempts
  3. https rewrite not working for All in one security Brute force > rename login url
  4. How to resolve these findings from security audit
  5. How to Find WordPress site has backdoor login Codes
  6. How to use login_redirect with a user capability
  7. I should enable automatic updates?
  8. Can some vulnerabilities in plugins be exploited even when the plugin is inactive?
  9. Login Customizer doesn’t change the background of the register form
  10. Security and Must Use Plugins
  11. Is Timthumb still broken? What security measures should be taken?
  12. easy steps to make front end form without plugin
  13. Prevent direct access to WordPress plugin assets?
  14. Change wp-login to custom URL login page
  15. Is it safe to use admin-ajax.php in the frontend?
  16. How to protect WordPress from security scanner [closed]
  17. Login problem after installing my written plugin [closed]
  18. Specific way to allow WordPress users to view their current password? And edit it?
  19. Is there any pre-existing plugin to track and block IPs with suspicious activity on my site?
  20. Get ‘Headers already sent’ error for the plugin I am creating when I try to login
  21. How to prevent plugins from sniffing/stealing other plugins’ options?
  22. Custom Login Page — wp_signon Headers Already Sent?
  23. Website show Google Ads when we have no Google Ads linked to our website
  24. Vulnerability Concern From the Plugin or From Not Updating the Plugin?
  25. Custom API plugin to execute 3rd party API to retrieve data
  26. How to deal with Slow HTTP POST (slowloris) vulnerability
  27. Theme My Login Shortcode Doesn’t Return Anything
  28. Running multiple security plugins
  29. how do I secure my WP website from hackers? [closed]
  30. Possibility to login without password
  31. Chrome Dev Tools console says every page in my blog has link to http://maps.google.com [closed]
  32. how do i change my website facebook login button to another text immediately user login? [closed]
  33. WordPress unable to write files in the server
  34. Webservice credential storage [duplicate]
  35. Custom PHP Page Using WordPress login
  36. Regarding plugin security
  37. How to Use the Filter “sidebar_login_widget_form_args”
  38. Manage PDF downloads and protected pages
  39. How do I determine if the user who registered is not spam?
  40. Is this plugin safe to run?
  41. login in wordpress using gmail account
  42. How can I replace content on site generated from plugin without changing plugin
  43. Is the Block Bad Queries Plugin Still Relevant?
  44. Janrain/Simple Modal under Redirected Domain
  45. WP Insert Post If user refreshes override new post
  46. 404 errors when updating options in admin dashboard
  47. Website Captcha Error: The reCAPTCHA wasn’t entered correctly
  48. Hide plugins and theme from public
  49. WordPress search shows protected content
  50. Linking form to user meta fields
  51. Security of a WordPress Plugin
  52. Can I disable xml-rpc by setting it to false?
  53. WordPress Multisite Profile Picture Sync Error with Nextend Social Login Plugin
  54. How can I disable new plugin and theme install, but allow updates?
  55. Help to Create a Simple Plugin to make a post
  56. Plugin or ways to limit number of users logging in the website,
  57. force logged in user to stay in the dashboard
  58. Validating ajax search
  59. Content-Security-Policy implementation with WordPress W3Total Cache plugin installed
  60. WordPress disable direct access of files in WordPress installation path
  61. Share login credential with QR code
  62. Asking help regarding potential malware
  63. Which membership plugin for a simple sign in? Personal areas for customers
  64. Discern a specific plugin’s action hooks
  65. prevent anonymous access to WordPress site (non-admin site)
  66. Login/password protected “client page”
  67. Bing/msn bots is heavily requesting random of my website
  68. WordPress Admin login redirect to homepage
  69. “Fire Secure” menu item
  70. Securing a plugin pop-up window
  71. On button click, redirect users to registration page instead of another page
  72. How can I show login popup when user clicks on download button
  73. When the user entered an unauthorized url redirect to login page
  74. How to show private pages based on a user’s role?
  75. Why does WordPress use cookies for /wp-admin and /wp-content/plugins for non-admin users [duplicate]
  76. using wordpress login details for other website / application / forum?
  77. wp_signon returns user, in popup window, but the user is not logged in
  78. WordPress SSO SAML
  79. Redux framework somehow added to my site, can’t locate in plugins
  80. How to Create Custom Dashboard for my Laundry Website?
  81. wp_login_form() ignoring login_form action hook
  82. User content database [closed]
  83. Being hacked. Is there a list of WordPress security holes I can check against?
  84. wp_verify_nonce fails always
  85. Auto-login from backend
  86. AJAX login without a plugin does not work. when add a action to function.php
  87. Plugins effecting layout & login
  88. How can i see/log all requests coming from a registration form (not from the UI)?
  89. Redirect default login page to a custom page [duplicate]
  90. Write mysql credentials in plugin
  91. Site is continuously accessing by several IPs
  92. wp-admin will not redirect to wp-login.php
  93. Validating values using Settings API?
  94. using .htaccess only for wordpress security no plugins
  95. Adding google authenticator and use only email address of user
  96. SWF in wordpress post
  97. Adding a Filter to Sidbar Login Plugin to Change Login Button Lable
  98. First argument is expected to be a valid callback for cp_admin_init and _canonical_charset
  99. how to protect wordpress website
  100. Unwanted Links and Spam WordPress Pages and Posts
Categories plugins Tags login, plugins, security, single-sign-on
unexpected ‘$mm’ (T_VARIABLE) in wp-includes/functions.php
Load php file with jquery in single.php

Recommended Hostings

Cloudways: Realize Your Website's Potential With Flexible & Affordable Hosting. 24/7/365 Support, Managed Security, Automated Backups, and 24/7 Real-time Monitoring.

FastComet: Fast SSD Hosting, Free Migration, Hack-Free Security, 24/7 Super Fast Support, 45 Day Money Back Guarantee.

Recent Added Topics

  • Bug in translation system: load_theme_textdomain() returns true, files are available and accessible but the language defaults to english
  • Custom Elementor controls not appearing in the widget Advanced tab using injection hooks
  • Get the name of the template/*html file used
  • Trying to Add Paging to Single Post Page
  • Sharing media files between live and staging servers
  • How to display the description of a custom post type in the dashboard?
  • Critical error on image display
  • Copying WP data and files into new install?
  • How to determine the DirectAdmin WordPress backup date?
  • How to get list of ALL tables in the database?
© 2026 Read For Learn
  • Database
    • Oracle
    • SQL
  • algorithm
  • asp.net
  • assembly
  • binary
  • c#
  • Git
  • hex
  • HTML
  • iOS
  • language angnostic
  • math
  • matlab
  • Tips & Trick
  • Tools
  • windows
  • C
  • C++
  • Java
  • javascript
  • Python
  • R
  • Java Script
  • jQuery
  • PHP
  • WordPress