Lastest Release Broke 2FA Verification

@elenachavdarova so once again you released another version of the plugin and it broke 2FA and locked all of my users out of the multisite instance again. At this point I can no longer recommend anyone should be using SG Security 2FA for multisite instances. I can’t be dealing with resetting 2FA all over again, removing the old 2FA from my app resaving backup codes. Its a huge pain. I only have a couple of users across my personal multisite that it’s affecting I can’t even begin to fathom the pain of dealing with this if there are 10s or 100s of users across a multisite instance.

I am sorry to hear that, @tnolte!

We have included a LiteSpeed Cache purge on both 2FA enable and reset functionality especially for this reported case. Could you please confirm that users are still locked out if you clear/disable LiteSpeed caching on the site?

We have performed intensive testing on Multisite instances and such behaviour was not observed.

Additionally if you can provide us with mode details of your LiteSpeed cache setup as requested in my previous reply it would be of huge help.

Thank you for your reports and cooperation so far!

Best Regards,
Elena

@elenachavdarova so I’m not using a Preset as I believe that was added after I had the plugin already setup. In terms of the cache settings here is the export section of my cache setup:

["cache",2]

["cache-priv",true]

["cache-commenter",true]

["cache-rest",true]

["cache-page_login",true]

["cache-favicon",true]

["cache-resources",true]

["cache-mobile",false]

["cache-mobile_rules",["Mobile","Android","Silk\/","Kindle","BlackBerry","Opera Mini","Opera Mobi"]]

["cache-browser",true]

["cache-exc_useragents",[]]

["cache-exc_cookies",[]]

["cache-exc_qs",[]]

["cache-exc_cat",[]]

["cache-exc_tag",[]]

["cache-force_uri",[]]

["cache-force_pub_uri",[]]

["cache-priv_uri",[]]

["cache-exc",[]]

["cache-exc_roles",[]]

["cache-drop_qs",["fbclid","gclid","utm*","_ga"]]

["cache-ttl_pub",604800]

["cache-ttl_priv",1800]

["cache-ttl_frontpage",604800]

["cache-ttl_feed",0]

["cache-ttl_rest",604800]

["cache-ttl_browser",2592000]

["cache-ttl_status",["403 3600","404 3600","500 3600"]]

["cache-login_cookie",""]

["cache-vary_group",[]]

["purge-upgrade",true]

["purge-stale",true]

["purge-post_all",false]

["purge-post_f",true]

["purge-post_h",true]

["purge-post_p",true]

["purge-post_pwrp",true]

["purge-post_a",true]

["purge-post_y",false]

["purge-post_m",true]

["purge-post_d",false]

["purge-post_t",true]

["purge-post_pt",true]

["purge-timed_urls",[]]

["purge-timed_urls_time",""]

["purge-hook_all",["switch_theme","wp_create_nav_menu","wp_update_nav_menu","wp_delete_nav_menu","create_term","edit_terms","delete_term","add_link","edit_link","delete_link"]]

["esi",false]

["esi-cache_admbar",true]

["esi-cache_commform",true]

["esi-nonce",["stats_nonce","subscribe_nonce"]]

Hello @tnolte,

Thank you for your reply.

We have opened a hosting account which supports litespeed server and tested the case with all above cache settings applied. Still the issue can not be replicated on our end.

It appears there is something else in your server or website setup which causes the reported behaviour.

If you could setup a test website and disable all cache options to verify if the issue is still present or not.

Best Regards,
Elena