Descripción
The Client Certificate Authentication plugin enables WordPress to login a user with a SSL client certificate. The plugin uses the email address from the subject field to identify the user by the email address of his wordpress account. Optionally, new accounts can be created on the fly by using email address and name from the certificate. By limiting login and registration to users providing a client certificate, bots are locked out and spam is eliminated.
Acknowledgements: This plugin is based on the HTTP Authentication plugin by Daniel Westermann-Clark. Ideas taken from Dan B.’s implementation for client certificate authentication.
Instalación
- Login as an existing user, such as admin.
- Upload the
client-certificate-authentication
folder to your plugins folder, usuallywp-content/plugins
. (Or simply via the built-in installer.) - Activate the plugin on the Plugins screen.
- Logout.
- Require certificate authentication for
wp-login.php
andwp-admin
. - Try logging in with your client certificate.
Preguntas frecuentes
- How should I set up client certificate authentication?
-
This depends on your hosting environment and your means of authentication.
The plugin uses the $_SERVER environment variablesSSL_CLIENT_S_DN_Email
(beginning with) for the email address andSSL_CLIENT_S_DN_CN
for the name.
A working example is given below:In Apache HTTP (non-HTTPS) config add:
RewriteEngine On RewriteRule ^/(wp-(admin|login\.php).*) https://%{HTTP_HOST}/$1
In Apache HTTPS config:
<Location /wp-login.php> SSLVerifyClient optional <IfModule mod_rewrite.c> RewriteEngine on RewriteCond %{HTTP_USER_AGENT} .*Safari.* RewriteCond %{SSL:SSL_CLIENT_VERIFY} !=SUCCESS RewriteRule .* /wp-admin [redirect,last] </IfModule> </Location> <Location /wp-admin> SSLVerifyClient require </Location>
Also make sure to set SSLCACertificatePath and enable CRL checks.
Reseñas
No hay reseñas para este plugin.
Colaboradores y desarrolladores
“Client Certificate Authentication” es un software de código abierto. Las siguientes personas han colaborado con este plugin.
ColaboradoresTraduce “Client Certificate Authentication” a tu idioma.
¿Interesado en el desarrollo?
Revisa el código , echa un vistazo al repositorio SVN , o suscríbete al log de desarrollo por RSS .
Registro de cambios
1.0
Initial release.
1.0.1
Documentation updates.
1.0.2
Fixes to the short description.