enable Two-Factor Authentication for users

Hi @esales2000, thanks for getting in touch.

Provided you’re not using an alternative user management plugin, you can check the default user level in WordPress > Users > All Users. This is often “Subscriber”, so you can enable this to be eligible for 2FA in Wordfence > Login Security > Settings by checking the appropriate box.

In each user’s “Edit Profile” page, which they should be able to access via profile.php regardless of whether they’re an administrator, a new section titled “Wordfence Login Security” at the bottom where they can set 2FA if they wish, as it can only be enforced for administrators at this stage.

Thanks,

Peter.

Hi Peter,

Thank you for your fast reply.
Users are at “customers” group.
Wordfence > Login Security > Settings > i checked (enable) “customers” group.

But, at the users EDIT PROFILE page… there is no “Wordfence Login Security” ..

right now, the only way to enable 2FA for a user, is from the ADMIN interface..

im using FLATSOME theme ..

• This reply was modified 3 years, 8 months ago by esales2000.

Hi @esales2000,

“Customers” don’t appear to be default WordPress user types, so are you using WooCommerce or some other kind of plugin where users can sign in using a non-default page? At this point, Wordfence 2FA is only available for WordPress user types using the default login/registration pages so if they are signing in using the page of a different user-facing plugin, this will not be available to them.

Thanks,

Peter.

Hi peter,

im using User Role Editor Pro plugin and im using the default login/registration page.
with admin accounts, the 2FA is working ( they can login using 2fa ).

but, customers don’t have an option to activate the 2fa option from the MY ACCOUNT page.

right now, the CUSTOMER role having :

wf2fa_activate_2fa_others – unable
wf2fa_activate_2fa_self – enable
wf2fa_manage_settings – unable

Hi @esales2000, thanks for your information.

I have been on annual leave and have been catching up on responses that may have been missed in the mean time as WordPress forums don’t return all new topics to the top for attention.

Please try disabling 2FA for this specific role, and then after re-enabling it, save again. Disabling/saving/re-enabling usually works on our test sites when user roles cannot see 2FA functionality on their profile/account page.

If that doesn’t do it, we look for wf2fa_activate_2fa_self in the list of capabilities in your user role management plugin. As that looks like it’s already on from your previous post, there may be a different problem. This is a custom capability, so changing it or trying a combination should only affect Wordfence settings. Perhaps also try enabling the other 2 temporarily to see if it becomes available to that role.

Thanks,

Peter.

Hi @wfpeter

i hope you are doing well.
i try all your suggestions, but nothing solve the issue

Hi @esales2000,

I will consult with our development team over why changing the roles permissions, re-saving and enabling the options mentioned above have had no effect. Please could you send a diagnostic report as supporting information of your configuration to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

Note: For the fastest response time, please make sure and add any information or questions directly to this topic and not the email address above unless asked.

Thanks,

Peter.

Hi @esales2000,

I haven’t received a diagnostic report and topics are normally left open without activity for around 7 days. Can I take this to mean you’ve rectified the issue by altering your setup or would you still like to send the diagnostic over?

Thanks,

Peter.

Hi Peter,

I`m sorry for the late reply.
I sent the diagnostic report.

Thanks in advance

Hi @esales2000, thanks for providing your diagnostic.

I can’t see a clear reason in terms of the site configuration why the user levels we originally discussed cannot see 2FA, but when connecting back to your site, Wordfence is reporting: wp_remote_post() test back to this server failed! Response was: 200 OK

However, the page returned in error is actually your homepage suggesting a theme or plugin level redirect. When I attempt to connect to a URL that should return a blank page such as https://www.yoursite.com/?wordfence_logHuman=1&hid=6ADB7DE84A85D7F4E428BFD37BF6CE46, this also returns your homepage.

I feel that your theme or a .htaccess rewrite rule is likely to be the cause of this, and could also be the reason 2FA is not visible for users as the theme could be making other modifications to pages that suppress alterations.

If there are no custom rewrite rules in your .htaccess, the theme could be causing this, so try switching to a default theme such as Twenty Twenty-One and see if the 2FA section on a user profile is visible. If the behaviour continues, disabling all plugins except for Wordfence could help see if the issue stops. If it does, re-enable your other plugins one-by-one to see when the issue starts cropping up again. You can install a maintenance mode plugin during this time if site visitors are likely to be impacted during your tests.

Thanks,

Peter.

Hi Peter,

Thank you for your great support !!!
I use the HIDE MY WP plugin ( I changed the wp folders and the plugins folders ).
Do you know of any issues with FLATSOME theme and WORDFENCE?

Hi @esales2000,

Hide My WP has historically caused the wp_remote_post() test back to this server failed! error so having that disabled usually has a positive effect. We have seen some mention of Flatsome theme in the past with some customers, although as it’s a paid product we cannot check compatibility ourselves. If you find that disabling the theme resolves your issues, or you’re unable to disable the default behavior of redirecting invalid pages to the homepage – it is my understanding that they provide a support service for paying customers such as yourself.

You can also try Wordfence > Tools > Diagnostics > Debugging Options > Start all scans remotely and hitting the “SAVE CHANGES” button to see if that makes any difference.

Thanks again,

Peter.