Possible bug, backend doesn’t load using email based 2FA and user roles

  • Resolved galloy1

    (@galloy1)


    3 months, 3 weeks ago

    Hi there,

    We have encountered an unusual bug when using Shield Security’s email based 2FA system.

    Our setup: WordPress Woocommerce store. We are using the 2 Factor Authentication By Email option, with Enforce – Email Authentication applied to some specified user roles only. Some of these roles are roles we have created for the site. ‘Allow any user to turn on’ is off. The 2FA verification page is set to WP login page. 2FA user config page is set to Wp User Profile Page.

    The issue we have is that for users whose roles have email 2FA applied, after they have successfully verified via 2FA the site doesn’t seem to load correctly. The front end loads and is visible, but the browser loading progress indicator continues to animate as if the site is not fully loaded. The users cannot access the backend of the site at all, the tab appears to be loading but no content appears, meaning the backend is not visible/usable at all to these user roles.

    What’s particularly strange is, this happens when using our office wifi connection, but does not happen when using our mobile hotspot dongle from the same location.

    I have checked the office wifi IP address against shield’s block list and it is not blocked/has no restrictions that I can see. This issue only started happening when we activated 2FA for these user roles. When I switch off 2FA for the users who are experiencing this issue, the issue stops and the backend loads correctly for them.

    Does anyone have any idea what might be happening here?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Paul

    (@paultgoodchild)

    That’s a bit of a wild one, particularly with it only happening on your wifi. I honestly haven’t heard anything similar from any other members.

    When they’re “forever” loading the frontend, can you switch on the console and see which assets are not getting loaded under the “network” tab? That might give a clue.

    When loading the admin, can you do the same and see if you’re getting any signs under the network tab of what’s not loading.

    Are there any server/PHP errors being logged?

    For now the best bet is to find out what’s not getting loaded in the browser. Have you tried

    • resetting your router?
    • testing over a VPN?

    Let us know what you find. Thanks!

    Thread Starter galloy1

    (@galloy1)

    Thanks for your prompt reply Paul. A very strange issue to run into! My first thought was a local issue but all router resets etc. didn’t resolve it. Additionally, when I create a test user for myself with the same role, apply 2FA then log in from my home computer I don’t get the issue. It’s only happening at our office. It really seems like it should be some sort of local issue, so I’m perplexed as to why disabling 2FA resolves it!

    I’ll need to ask the guys to check console for the info, please bear with me.

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.