Mirror Site Compatibility

  • Resolved alan

    (@f1alan)


    1 year, 7 months ago

    We have just added the WP 2FA plugin to our website and it is working well. However, we have a local mirror that is regularly synced with the live website and the 2FA codes (that work on the live site) are not accepted by it.

    Is this expected behaviour? I have worked around it by adding a step to our mirror process that deactivates the plugin by renaming the folder but if this is not necessary or there is a better approach I would be interested to find out.

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Contributor robertabela

    (@robert681)

    Hello @f1alan

    Thank you for using our plugin. This is expected behaviour.

    The plugin stores the private key in the wp-config.php file. So most probably when you mirrored the website to your local environment, you did not mirror the wp-config.php file, so the plugin did not find the key and created a new one.

    If you copy the below line from your live wp-config.php to the mirrored one users should be able to log in:

    define(?‘WP2FA_ENCRYPT_KEY’, ‘your-key-here’);

    Can you please let us know if the above helps? Thanks.

    Thread Starter alan

    (@f1alan)

    Thanks for the suggestion, I thought that might solve it as we don’t mirror wp-config.php but I just tried updating the key and it still gives the following error:

    ERROR: Invalid verification code.

    I think I’ll stick to my current strategy of renaming the folder for now.

    Plugin Contributor robertabela

    (@robert681)

    It could be that the plugin has already created its own private key on the staging website. Can you try the following:

    1. Deactivate the plugin
    2. Search for the following setting in the wp_options table: wp_2fa_secret_key
    3. Delete the setting
    4. Make sure the original private key is in the wp-config.php file
    5. Activate the plugin

    That should do the trick. Can you please advise if the above helps?

    Thread Starter alan

    (@f1alan)

    Thanks, I’ve just tried this and couldn’t find the wp_2fa_secret_key setting in wp_options. However, I couldn’t find it in the live database either. Just to confirm, I am searching for it in the option_name field in wp_options.

    Plugin Contributor robertabela

    (@robert681)

    Hello Alan,

    You are searching for the right thing. If you are not finding anything in the database, then it means that the plugin is correctly using the key from the wp-config.php file.

    So it seems from the configuration point of view everything is working as it should and everything is set up correctly. By any chance is the time of the staging / testing server different than that of the live website?

    Whenever codes stop working time differences / off-sync time is one of the major sources of problems.

    Thread Starter alan

    (@f1alan)

    Good idea about the time but I just checked and confirmed that they are in sync. However, I decided to give it another try and to my surprise the 2FA code worked this morning. It did seem to be a bit intermittent though and only worked on one of our mirrors. This could be our problem and I’m satisfied that it works enough for what we need from our mirror.

    Plugin Contributor robertabela

    (@robert681)

    Hello Alan,

    I am glad to read that now it is “working”. To be on the safe side, make sure the private key is in the wp-config file, that saves a lot of hassle.

    Should there be anything else we can assist you with, please do not hesitate to ask. Also, please do not forget to spare a minute and rate our plugin and service. These ratings really help us.

    Thank you and have a great day.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Mirror Site Compatibility’ is closed to new replies.