Wordpress use sso login page

Connecting to wordpress using ldap is supposed to be activated by default on wordpress, but when trying to access


You have to connect manually. In order to connect automatically to WP, activate the preinstalled plugin called HTTP authentification

Then in Settings > HTTP Authentification change

Login URI :


where XXXX is base64 encoding result of :


You can find base64 encoders online (https://www.base64encode.org/ for example)

Logout URI


Allow WordPress authentication?
You choose weather you want to be able to connect without HTTP authentification, could be useful if you created users for wordpress, which are not part of Yunohost.

Save, and you’re good to go

1 Like

Thank you, very useful for my Wordpress install and for the general understanding of how SSO works!

Allow me a slightly off-topic question: do you know a simple way to redirect the “Wo” (assuming one called the wordpress installation “Wordpress”) button in the YunoHost interface to https://domain.tld/blog/wp-admin instead of https://domain.tld/blog/ ?

Nice tip, should this be part of the app by default @Maniack_Crudelis ?

By default, the http-authentication plugin is installed but not activated if your blog is public.

You can simply activate this plugin, without specific config if you want to use it.

why isn’t it activated by default when the website is public ?

no i don’t and i thought about it but did not try to do it yet

It’s a old way to do that. But, I don’t know why.
Maybe a possible security issue.

Hey! Where can I find http-authentication plugin in filesystem or the file that uses it? I cannot access to admin page because of this issue (making page public). I searched folders like /var/www/wordpress/ and /etc to find something but I cannot. Am I doing it the wrong way? Maybe I’ve misunderstood the solution. Maybe I just didn’t looked at right places.

Thank you for your help!

Your problem is probably because there’s an issue with the ldap plugin.
This error was fixed in the testing branch. It should be merge soon.

By the meantime, if you want to fix your wordpress, you can update your instance with the testing branch.

sudo yunohost app upgrade wordpress -u https://github.com/YunoHost-Apps/wordpress_ynh/tree/testing --verbose

Ok, but in which file should I make the change? Is it wp-settings.php or http-authenticatio.php or not .php file at all?

I think your problem is about the ldap plugin.
There’re nothing to modify in any php file. Maybe you can update manually your plugin.
But the easier way to do is to upgrade your wordpress package with the command I’ve given to you previously.

Sorry, I didn’t mention. I did ugrade it and I still have the same problem :slight_smile: Don’t know what the problem is.

So can you explain me what exactly is your issue. Is it a problem to connect, like a password not recognized, or more an issue with auto login so you have to connect by yourself ?

I think it’s the first thing. It seems like it recognizes my account but the password is not correct, but I checked few times and password is correct.

I don’t understand what do you mean by auto login issue. Every other app works with that login except Wordpress. I only tried the web interface. I am not familiar with the other way.

It’s quite weird, because this issue, I mean your account recognize but not your password, is exactly the issue with the old wordpress package.

Oh, but maybe there also a issue with the apps lists (because we had some problems with one of our server)

So, can you try to upgrade your apps lists before, then recheck your upgrade please.

Or, if you can, try to upgrade by command line.

sudo yunohost app upgrade wordpress -u https://github.com/YunoHost-Apps/wordpress_ynh

Ok, I should read what I have previously written before…
I guess you made the upgrade from the testing branch, like I’ve proposed before ?

Yeah, :smile: I did. It’s not a solution for me. I’m going to try to make site private, not public and see if the problem is still there. And if nothing works, I really don’t need wordpress app.

It’s nothing about public or private.
It’s an issue with the ldap plugin.
Because an update of wordpress has broken the ldap plugin.

That’s why the ldap plugin need to be upgraded.

There’re 2 solutions you can try:

  • Maybe your ldap plugin is simply disable.
    So you can try the real password, which you can find in /etc/yunohost/apps/wordpress/settings.yml under the name mysqlpwd
  • Or, even with the upgrade, your plugin is not up to date.
    You can download wp-cli to try to update it.
    wget https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
    Then update the plugin
    sudo php wp-cli.phar --allow-root --path=/var/www/wordpress plugin update simple-ldap-login

Ok! I updated wordpress package. After that I just reinstalled wordpress and now it works. However, interesting thing is that I cannot logout. :stuck_out_tongue: I don’t need it, but it is interesting. It sends me to some error page. I can’t remember was it 404 or something else.


I bring back this old thread because i recently had the exact difficulties here described while searching for solutions.

So. I decided to upgrade wordpress through the admin panel of Yunohost. The upgrade, in addition to upgrade the wordpress core, installed a new plugin : simple-ldap-login which i didn’t pay attention on. Error…

I disconnected from Wordpress and never couldn reconnect anymore, with neither internal wordpress user nor Yunohost user (even created for this specific app).

I tried the DB_USER found in wp-config.php (and its corresponding DB_PASSWORD) : nope.

Long story put short : i used wp-cli to deactivate the LDAP plugin and then succeeded in loging in again with my ancient account.

After several tries with another browser - not to be locked out of Wordpress again-, i tried to figure out if i had some bad configuration with the plugin, which i could’nt know. I also uninstalled and reinstalled the plugin and tried again.

I finally uninstalled ldap-simple-login for good. I understand the idea of having such a plugin but it didn’t work for me.

I noticed that this plugin hasn’t been updated for three years now !

I’ve read somewhere (afterwords) that it is better to upgrade Wordpress from inside Wordpress rather than from the Yunohost admin panel. Can you confirm that ?

And finally, why still using this particular plugin if it seems not to work with the last version of Wordpress ? But maybe something went wrong only with my installation 'cause i didn’t find any other recent remarks on this issue.

Here is my configuration :

  • yunohost :
  • wordpress : 5.1.1
  • simple-ldap-login : 1.6.0

On a debian based virtual machine somewhere over the rainbow.

Hope this could help.

1 Like

I’m too using wordpress 5.1.1 and simple-ldap-login 1.6.0 and just log in one of my wordpress to see how it works.
I didn’t have any issue.

Is HTTP Authentication plugin active ?

You can safely upgrade wordpress from YunoHost, since the package will not upgrade wordpress itself, but only the package around it.
Wordpress is installed with a plugin to automatically update the app. However, this plugin is sometimes capricious and not too reliable… I have to work on that, and see what’s going on with it.