502 bad gateway when login

The issue persist, seems also if I selected to remove all plugin data when deleted, when installed again plugin data still be configured even if I see wizard and I finish it… other things that was configured still be and I still cannot login with this plugin active. Any suggestion?

I think I found why in just one website I was unable to login.
There is an incompatibility with Wordfence if is active in Wordfence the 2 step and if I activate in shield security the option under shield protection, login protection, 2 factor authentication. If this option is active and Wordfence 2 step is active I cannot login anymore. I may need deactivate the 2 step on Wordfence and setup on Shield Security.

First, this extension never respect the setting to reset delete all data when removed. Should I report this issue in another topic?

Second: seems, on my opinion, Wordfence 2 factor is better then the free two factor provided by shield security because in my profile I see the only option to activate two factor by email. This is good but is less secure then configure an authenticator app, I want use an authenticator app as I do in Wordfence and this seems to be not possibile. also I see backup codes are a premium feature so I have this for free in Wordfence. Now the issue is that seems I cannot keep Wordfence 2 step active and security shield two factor login protection.

The shield security has this login protection by email that is good for users that never configure an app.. but should let me configure an app instead of email and backup code should be not a premium feature or is better for me use another 2 factor solution… but here I have found a compatibility issue with Wordfence.. the extension I use.

Hi,

Thanks so much for keeping us updated all the time and for your feedback on 2FA. This is highly appreciated.

I’m glad to hear that you were able to narrow down the initial problem.

Using multiple WordPress security plugins may have unpredictable results. This is because 1 WordPress plugin doesn’t have inherent understanding of what another plugin does. So when 1 feature from 1 plugin doesn’t seem to work well with another related feature of another plugin, this is perfectly normal.

When it’s about temp disabling Shield, the easiest way is using the “forceoff” method outlined here. So, any time you get locked out of your own site as the result of Shield, for any reason, instead of renaming the plugin folder, you can forceoff. When?forceoff, the plugin itself will be active but none of the security/blocking options will be enforced – Shield can’t block anything. This will allow you to regain access to your site and troubleshoot.

Regarding deleting plugin settings option (under General Settings > Plugin Defaults), this will work upon plugin deactivation only. Once you enable this option, you’ll need to go to the Plugins page of your site and click to deactivate > activate Shield Security plugin. All previous settings will be deleted (cleaned out) and revert to defaults.

As for the Shield’s 2FA, there are x3 options that are available in Free version:
1) 2FA by email
2) Google Authentication
3) Yubikey
So, if you prefer using Google Authenticator app over 2FA by email, you may enable this option in Shield settings and set it up for your user account.
You also have the ability to specify pages available to users to configure 2FA on their account.

Sincerely hope that you find this helpful…

Thanks.

Jelena

Thank you, I will see ??

No problem, always happy to help! ??

@jmisic just the last thing: for reset plugin settings I need check the relative option, deactivate the plugin and reactivate?

If I select the relative option, deactivate the plugin, remove and reinstall then activate the settings are not resetted? I do this second behavior and settings was not resetted, seems the plugin keep his settings in the database. I expect when the plugin is deactived, if I remove it all database data are erased, seems is not. I’m not sure the function to reset the plugin is working well, in my experience I was not able to reset and delete all plugin settings.

Thanks for reporting this.

We’ll investigate the issue with resetting options – there may be a bug there. Could you let us know if you are deactivating from inside WP, or using FTP to remove the plugin?

Also, which settings were kept when you tried to reset, please?
Shield has some default settings so maybe it is that you’re seeing?

Can you try the “reset” feature detailed here, and see if that works for you, please?

• This reply was modified 1 year, 5 months ago by Jelena.

Hi,

Just would like to share an update with you:
We’ve tested possible 2FA conflict with Wordfence, and we can’t reproduce 502 bad gateway error or see any other type of error…

Perhaps it’s something else on your site that’s causing this, or something particular to your hosting. Worth of investigating to see if that’s the case.

@jmisic from what I know is this the issue. If when I login I set to use Google auth code from Wordfence then once logged in I set your plugin to activate the two step by email, once I confirm the link in email the two factor will be activated also for your plugin. Log-in out and logged in cause the impossibility to login.

Disabling your two step and keep the Wordfence active resolve the issue. This is all I know. Also my desire is to try to use your 2 factor app but I’m contesting to Wordfence the fact they never allow me to completely disable 2 step managed by Wordfence. In any case thanks for your help.

• This reply was modified 1 year, 5 months ago by peopleinside.

@jmisic you are right. I disabled Wordfence 2 step and configured Google auth with your plugin. Try to login give me 502 error so seems I cannot use 2 factor from you. How can we understand why?

Hi,

Are you using any other security service at all on the site? e.g. Sucuri, CloudFlare, etc.

Where do you host your site?

Can you provide the URL, please?

@paultgoodchild Only Wordfence. Seems deactivating this on my website resolve the issue. I will see. Thanks for the help. This seems to be a plugin conflict maybe some configuration in Wordfence. I will try to reset Wordfence as deactived your two step works ?? Many thanks, you are very kind and fast. Amazing, loving you.