If you are using version 2.6.* it has stopped working due to the stop of support for this version in our API servers. We stopped supporting it for security reasons, as this version was released 3 years ago.
To keep your website secure, you need to update your plugin to the latest version.
To do this, you need to disable the plugin in the 2FAS dashboard, or from the database level if you do not have access: In the wp_options table locate in the option_name column locate twofas_is_plugin_enabled key and change value from 1 to 0.
Next update your plugin in plugin directory, and enable plugin again.
Hi,
With 2fas plugin installed a Fatal Error is thrown when using wp cli. The same error is thrown with every command.
Fatal error: Uncaught Error: Class 'TwoFAS\TwoFAS\Http\Action_Index' not found in /<path-to-wordpress-install>/wp-content/plugins/2fas/routes.php:17
Adding this in twofas.php solves the problem:
if (php_sapi_name() === 'cli') {
return;
}
Could this be fixed?
]]>updating to the latest release resulted in a critical error and the whole website blowing up. I would gladly rollback but it seems that it is not possible…
this is the error I received:
Fatal error: Uncaught Error: Undefined class constant ‘ARROW_TYPE’ in /var/www/vhosts/201/1075883/webspace/httpdocs/staging.finecoassetmanagement.com/wp-content/plugins/2fas/vendor/twig/twig/src/ExpressionParser.php:114 Stack trace: #0 /var/www/vhosts/201/1075883/webspace/httpdocs/staging.finecoassetmanagement.com/wp-content/plugins/2fas/vendor/twig/twig/src/ExpressionParser.php(74): Twig\ExpressionParser->parseArrow() #1 /var/www/vhosts/201/1075883/webspace/httpdocs/staging.finecoassetmanagement.com/wp-content/plugins/2fas/vendor/twig/twig/src/ExpressionParser.php(607): Twig\ExpressionParser->parseExpression(0, true) #2 /var/www/vhosts/201/1075883/webspace/httpdocs/staging.finecoassetmanagement.com/wp-content/plugins/2fas/vendor/twig/twig/src/ExpressionParser.php(565): Twig\ExpressionParser->parseArguments(true, false, true) #3 /var/www/vhosts/201/1075883/webspace/httpdocs/staging.finecoassetmanagement.com/wp-content/plugins/2fas/vendor/twig/twig/src/ExpressionParser.php(553): Twig\ExpressionParser->parseFilterExpression in /var/www/vhosts/201/1075883/webspace/httpdocs/staging.finecoassetmanagement.com/wp-content/plugins/2fas/vendor/twig/twig/src/ExpressionParser.php on line 114
The plugin sets a cookie for anonymous users. Causing Cloudflare edge cache to listen to this header and cause cache hit ratio issues.
This cookie should not be set on non logged in users? And should not be set on any other page than login. This needs a fix asap as I could need to disable the plugin.
set-cookie: twofas_session_id=UyQyU0NsVUl0ZnNYSjp8Iw%3D%3D; expires=Mon, 30-Mar-2020 13:13:20 GMT; Max-Age=3600; path=/; HttpOnly
3:21 pmWould appreciate if I could receive an answer as soon as possible.
Why is this cookie on all pages?
Why is cookie set on users even if not logged in or successful login?
This cookie cause issue and modify the cache-control headers.
Hi,
I recently noticed a PHP error happening in QM, would like some insight on this.
Notice Undefined index: SERVER_ADDR 1
wp-content/plugins/pareto-security/pareto_functions.php:1963
Plugin: 2fas
Thanks!
]]>Hello i have been using this plugin for over a month with no problem
You updated the plugin two days ago and now
we cant login it says user not found when previously we had no problems before this update
i tried to reset up the user still the same problem
i have to turn the plugin off to login please advise
]]>I get a fatal error from 2FAS when the plugin is activated and a CiviCRM cron job executes. I get the same fatal error whether I use php-cli to call CiviCRM cli.php or use php-cli to call CiviCRM cv api job.execute. Disabling 2FAS plugin allow cron job to complete.
Error:
[Symfony\Component\Debug\Exception\FatalThrowableError]
Class ‘TwoFAS\TwoFAS\Http\Action_Index ‘ not found
Hi,
Is it possible for members to enable 2FA without going into the profile? As I’m using buddypress for members profile so they can’t access the page to 2FA. If there was an ability for a short code to be used I could create a page.
Wayne
]]>From what I can see there is no way for me as an admin to see if other admins have activated 2FA on their account? This would, if not already possible, be nice to have.
Alternative, option to make 2FA mandatory for specified user groups.
]]>Hi,
2FAS plugin for WordPress support WP Multisite, is WP Multisite compatible, is WP Multisite ready ?
Thanks in advance for the support.
]]>Hi,
2FAS plugin for WordPress support WPML, is WPML compatible, is WPML ready ?
Thanks in advance for the support.
]]>Hi,
2FAS plugin for WordPress is GDPR Compliant ?
Thanks in advance for the support.
]]>Hello
On WordPress DataBase the twofas_sessions is very large, over 32.004 records for 2.5 MB of data.
Is possible purge or delete all this record and how can i do it safely ?
You can add a function to your plugin to clean or delete unnecessary data manually or automatically from WP DataBase twofas_sessions ?
Thanks in advance for the support.
]]>I want translate your wordpress plugin for final user but this plugin is not prepared for localization.
]]>I can not enter any where I have the plugin installed.
since the last update
1.1.4 (Apr. 9, 2019) does not accept token
Hi there,
I have updated to 2.4.1 and it broke the authentication. I couldn;t login it keeps popping the token field and saying “subscription error (json returned from webapp was invalid, yet status code was 200. data was:” then this is what I did after
went to sftp and renamed the plugin folder
then i login the username password conventional way
then I deactivate the 2fas plugin and then I deleted it
then I purge all caches and deleted the tokens from the 2FAS website account login
then I reinstalled 2fas and still have error
screenshot of the plugin settings page
Hello,
After the last update I get the folllowing db error
CREATE TABLE IF NOT EXISTS xxxxx_twofas_trusted_devices (
id bigint(20) unsigned NOT NULL AUTO_INCREMENT,
user_id bigint(20) unsigned NOT NULL,
device_id varchar(255) NOT NULL,
cookie_value varchar(255) NOT NULL,
ip varchar(50) NOT NULL,
created_at bigint(20) NOT NULL,
last_logged_in bigint(20) unsigned DEFAULT NULL,
user_agent text NOT NULL,
PRIMARY KEY (id),
FOREIGN KEY (user_id) REFERENCES xxxxx_users (id) ON DELETE CASCADE
) ENGINE = INNODB DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci von require_once(‘wp-admin/admin.php’), require_once(‘wp-load.php’), require_once(‘wp-config.php’), require_once(‘wp-settings.php’), do_action(‘init’), WP_Hook->do_action, WP_Hook->apply_filters, twofas_start, require_once(‘/plugins/2fas/start.php’), TwoFAS\TwoFAS\Core\Plugin->run, TwoFAS\TwoFAS\Update\Updater->update_plugin, TwoFAS\TwoFAS\Update\Migrator->migrate, TwoFAS\TwoFAS\Update\Migrations\Migration_2018_11_30_Create_Trusted_Devices_Table->up, W3TC\DbCache_Wpdb->query, W3TC\DbCache_WpdbInjection_QueryCaching->query, W3TC\_CallUnderlying->query, W3TC\DbCache_Wpdb->query, W3TC\DbCache_WpdbInjection->query, W3TC\DbCache_Wpdb->default_query
How can i fix it ?
best regards
Marco
I get flooded with new user registrations. Other than temporarily turning it off can you please consider adding a catcha support on the registration page ?
]]>Hello,
Does it support multisite please?
Thank, and have a nice day.
Alex
]]>Hi,
How do you do?
I have 2FAS running in my WP for more than a year.
Today i tried to log in it and i get Token Invalid
I have alread sync the Google Auth but the answer is the same.
I cant loggin any more.
Any tips about what should I do?
Thanks in advance
]]>What’s the string to find the admin options in Dashboard? I am not seeing it in my WP-Admin unfortunately.
]]>Is there a way to turn off the “Trusted Device” option on login to prevent someone from selecting that?
If not could I put it forward as a feature request?
]]>I installed 2FAS Two Factor Auth plugin today and have found that generating the Backup Codes does not work in Firefox, it does however work in Chrome.
This is the error I get in the latest version of FF:
SyntaxError: JSON.parse: unexpected end of data at line 1 column 1 of the JSON data[Learn More] dashboard.min.js:1:35
getting “too many redirects” error when 2fas secondary auth is needed
no issues with 1.2.1
I have the plugin installed & configured for TOTP, however, when I login, I’m not prompted for 2FA
]]>Fatal error: Uncaught exception ‘BadMethodCallException’ with message ‘Call to a member function get_error_codes() on a non-object (null)’ in /wp-content/plugins/2fas/TwoFAS/Authentication/TwoFAS_Login_Errors.php:16
Stack trace:
#0 /wp-includes/class-wp-hook.php(298): TwoFAS\\Authentication\\TwoFAS_Login_Errors->login_errors()
#1 /wp-includes/plugin.php(203): WP_Hook->apply_filters()
#2 /wp-content/plugins/woocommerce/includes/class-wc-form-handler.php(929): apply_filters()
#3 /wp-includes/class-wp-hook.php(298): WC_Form_Handler::process_login()
#4 /wp-includes/class-wp-hook.php(323): WP_Hook->apply_filters()
#5 /wp-includes/plugin.php(453): WP_Hook->do_action()
#6 /wp-settings.php(470): do_action()
#7 /wp-config.php(98): include()
#8 /wp-load.php(37): include()
#9 /wp-blog-header.php(13): include()
#10 /index.php(17): include()
#11 {main}
Hello,
I just tried your plugin and it works great, but I’m missing an authentication method by mobile app like DUO works.
Or a dynamic code by push notification.
I’m looking at the AWS SNS solution which has 1 million req. free included in the free tier plan. That’s more than enough.
Is there any change you could integrate this in your plugin so I can validate logins by push notifications or with a single tap like DUO security has?
Thanks!
]]>