2fa Server Time Error

Yep same here in the UK. I have access to the back end cpanel/WHM server and this is set correctly to my local time. WordPress general settings are also set correctly to local time. Wordfence thinks it’s an hour earlier however (UTC)….

Seems it’s a general issue, there are other posts like this… Maybe an issue with the new version? i’m using the free version (7.3.1) that just introduced 2FA.

Same here in the Netherlands, server time is 2 hours behind. I can’t use 2FA now.

Same issue – based in London.

Any updates on this?

Hey All,

Can you please check Wordfence > Login Security for the current time being reported? It’s located at the bottom left side of the page as Server Time:. The time shown there is what your server is reporting as the current UTC time. You’ll want to make sure your device and this time matches. Please be mindful of timezones as well.

Please let me know.

Thanks,

Gerroald

The time displayed IS the correct UTC time, but is not my correct local time. My server is set up with UTC-6 time zone, every other source I have checked on my server displays the correct server time of UTC-6, but the Wordfence > Login Security tab displays my server time as UTC-0.

Server Time should NOT arbitrarily == UTC time.

• This reply was modified 5 years, 6 months ago by dloprodz.

Hey @dloprodz,

Can you please try setting your timezone in your php.ini file and let me know if it helps?

Assuming you’re in North America you can find the syntax here – https://www.php.net/manual/en/timezones.america.php

Then you’ll want to adjust the timezone like the example below.

date.timezone = "America/Denver"

Please note that this can’t just be added anywhere, it needs to be in the [Date] block of code.

Please give this a try and let me know if it helps.

Thanks,

Gerroald

The timezone is correct on the php.ini file.

Ran this PHP script and it displays my correct local time:

<?php
echo date('Y-m-d G:i:s');
?>

The timezone is displayed correctly on the WordPress > General Settings tab.

The problem resides only on the Wordfence > Login Security tab.

• This reply was modified 5 years, 6 months ago by dloprodz.

I checked the server time with my webhost, and the server time is setup 100% good!

This looks like some kind of bug in the latest WordFence version, because the server time is only wrong in WordFence.

I investigated a bit more here. Current situation:

WHM Server time is set to: “Europe/London” and shows correct local time
Wordpress Timezone is set to “London” and shows correct local time
WordFence shows local time minus one hour (UTC) preventing 2FA from working

I then uploaded a test.php file to a cpanel domain containing:

 echo date('Y-m-d G:i:s');
 echo strftime("%c");

Loading this file in a browser showed the time was local time minus one hour (UTC) – OK then something not right here, so I then took a look at my php.ini file and found:

date.timezone = "UTC"

I changed this to:

date.timezone = "Europe/London"

I rebooted WHM and then I reloaded the test.php file. This time the correct local time is showing in the php date output. Yay I thought….

So I then go back into WordPress and check out “Server Time” in the WordFence 2FA section… sadly it is still showing local time minus one hour preventing 2FA from working.

I don’t know where WordFence is picking up the time from….

I can confirm too, this most likely a bug on the latest version of Wordfence, all possible option to set the date do not work, I have few website with different hosting companies, all have the same issue.

May the next update will fix the issue.

After all tests ran and seeing everybody is getting the same issue, I’m now almost certain the problem is in the Wordfence code, it must be requesting the server’s UTC time instead of the server’s actual local time.

Please check that on your side as we have tried everything you have suggested on our side.

Thank you.

I had a look in the WordFence plugin files – this is where I think it is getting the time from, right at the end of the file:

wordfence.7.3.1\wordfence\modules\login-security\classes\controller\time.php

I’m not sufficiently good at PHP though to understand what it is doing. It does mention UTC in there though.

I have updated to version 7.3.2 but the server time displayed by WordFence is still 2 hours behind…

• This reply was modified 5 years, 6 months ago by Alwin.

Hi All,

Wordfence is requesting the UTC time, and as long as it’s correct it should work just fine.

In Settings > General does your Universal time (UTC) is match the Server Time: Found on the bottom left of the Wordfence > Login Security page?

Thanks,

Gerroald

Wordfence>Login Security is showing this server time right now:
Server Time: 2019-05-17 17:52:39

But the correct time is now 19:53:39 !!

So 2FA is still not working for me! I have checked with my hosting company and run some tests myself to check if the server time is correct, and it is.

Also, I have the same problems on other webistes that are hosted by 2 different webhosters.