avatar Deluxe Blog Tips About Projects

How to completely disable login by username and password in WordPress

If you are using Single Sign On feature by Jetpack or using a social login plugin for WordPress, then it might be a good idea to disable login by username and password completely. This helps protecting your website from brute force attack and keeps your website safe from hackers.

To completely disable login by username and password, you can add the following snippet of code to your theme's functions.php file, or to a functionality plugin:

add_action( 'login_init', function () {
   if ( isset( $_POST['log'] ) || isset( $_POST['user_login'] ) ) {
      die;
   }
} );

The code simply checks if the login form is submitted and then exit. This happens before any check for correct username/password, so it's fast and uses little memory. Hackers will have no chance to brute force attack your website as all requests are stopped immediately without any processing.

🔥 HOT: Interested in boosting your WordPress SEO? My Slim SEO plugin is a super lighweight and automated plugin that handles most the hard work for you: meta tags, sitemap, redirection, schema & link building.

👉 Have a look and you will love it: wpslimseo.com

Comments