Setup-Wizard Popup

Hello @sashfurios

Thank you for trying our plugin.

I think you are configuring the policies for users to configure 2FA right away. If you do not want that, then you need to configure the plugin to allow a grace period before configuring 2FA.

You can read more about this in configuring grace period for 2FA.

We also have a number of other useful documents on how you can set up the plugin and the different options in our knowledge base.

I hope the above helps. Should you need more information, please do not hesitate to ask.

Have a great week.

Hi,

Thank you for your message. No, the setting that the 2Fa must be set up immediately is correct. After logging in for the first time, users will be directed to the 2FA page. And this is exactly where the PopUp starts immediately. We don’t want a time delay, the users should set it up immediately! However, they should first be able to read our own information on the 2FA page without the wizard immediately start on page load. They have to click on the button themself after reading our information. The plugin does not offer that by default and there is also no solution in the docs, otherwise I would not have written because I always look in the docs first. I hope you can offer us a solution for this.

Cheers

• This reply was modified 3 years, 1 month ago by Sash.

Thank you for the update @sashfurios

Therefore what you need is a new feature that allows you to redirect the users to a specific page before triggering the 2FA wizard.

That is definitely something we can do and I’ve added it to our features request list. However, please note that I can’t promise you when such feature will be readily available.

Should there be anything else we can assist you with, please do not hesitate to ask.

Mhmmm Okey
I don’t quite understand that. The redirection to the 2FA in the frontend (where our information and the shortcode is) and all other settings are OK. Actually, all we needed is a function or a small code change that prevents the micromodal from starting immediately with the page load. Basically, I don’t like to write changes in the code of third-party plugins myself if I can’t fully understand the code structure. I’m a little disappointed that there is no solution from you, that would made things a lot easier. However, we need this Way for our project. That’s why I asked about this before I turn to someone else to adjust it.

Anyway, thanks for the plugin and the work.

Cheers Sash

@sashfurios I also would request this – however, a workaround for now is to make our own page and then have our own button that launches their modal page. It’s not ideal, but it works for now!

@iamhere that would only work if the user didn’t have to set the 2FA immediately. When setting up immediately, after login there is a redirection to the WP 2FA page (where the frontend shortcode is used). That is why this is not possible.

• This reply was modified 3 years, 1 month ago by Sash.
• This reply was modified 3 years, 1 month ago by Sash.

Hello @sashfurios

I am sorry that you are disappointed, even though I do not understand why you are disappointed.

I already confirmed that we will address this in future updates. We will look into the options that there are, consider your requirements and the requirements of many other users, and come up with the best possible solution that fits the requirements of most users.

I can’t offer you than this at this stage, which I think is very reasonable. Please note that we do not do “quick fixes” for individuals because more often than not, these lead to complications in future updates.

Should you wish to add something else, please do not hesitate to post or contact us over email.

Have a great day and thank you again for using our plugin.

Yes, actually I can see the issue with this too.

It does cause a problem with URL rewrites, if the user closes the modal pop up and then navigates elsewhere, it returns a “This page isn’t working – ERR_TOO_MANY_REDIRECTS”

For example, if we want to give them access to a FAQ page – that’s not possible.

So @robert681 it would be good to see if we can disable this ?

Or if there is no way to disable this – how could we fix the redirect error ?

I should add that I have set up a custom Frontend 2FA settings page URL

EDIT: OK I solved the issue of the redirect problem by adding an entry in my .htaccess file (apache server), but I would still like to give the user the option of going to an internal FAQ page – or if that’s not possible – then to log them out when they click cancel.

I will email your support team!

• This reply was modified 3 years, 1 month ago by Iamhere.
• This reply was modified 3 years, 1 month ago by Iamhere.
• This reply was modified 3 years, 1 month ago by Iamhere.
• This reply was modified 3 years, 1 month ago by Iamhere.
• This reply was modified 3 years, 1 month ago by Iamhere.

Hello @sashfurios and @iamhere

We are looking into a number of different solutions to address this feature request. The best two options so far are:

1) Give the admin the option to specify a URL where the users are redirected upon logging in, before the wizard pops up.

2) Give the user the option to add a “slide” in the wizard in which they can enter any text and links they want (for example with an explanation of what the user needs to do, and also a link to the privacy policy or any other required legal documents etc). In the slide there will be a button which when clicked the user is redirected to the wizard.

Option number 2 is more secure, gives us more control and is the most sturdy solution. With the first option we’ll have a lot of unknowns and need to address many more exceptions, for example, will the user be allowed to visit this page multiple times? Can the user navigate back to that URL? If it is a slide in the wizard we can easily address these questions.

Would like to hear your thoughts on what you think of the above.

Looking forward to hearing from you.

Thank you for think about the problem.
For me and for most of my customer projects, both options are not optimal. Although, point 1 is closer to the solution. The page should always be available because I would use it for all information and the FAQ for the 2FA settings, for example. In my opinion this should be adjustable independently of your plugin. The link to this custom page should also be visible as a link in your popup as well as in the profiles (WP-Profile / Fronted-Profile).

1. However, I would say goodbye to the wizard popup after login and do it fundamentally differently.
– If the user has to set the 2FA immediately, he will be redirected to the WP profile, the Frontend profile or according to his own choice, to a custom page (all Url should be changeable in the settings.)
– A small pop up says that you cannot do anything on the site until you have completed the 2FA settings with a customizable Button ….that’s it.
Each user can provide instructions etc. himself on the custom page. My customers, who are mostly German-speaking, don’t want to be forwarded to a plugin owner page anyway to read some information in English; they prefer to provide their users with their own information in their own CI. For larger projects, the focus is clearly on the appearance.

I personally find exactly that, a big problem with many plugins (free and paid),… everyone implements their own design and we developers can then either not or only with difficulty css overrides adapt our customer projects to the customer’s CI with. Why not just adapt the plugin to the native wordpress design. That would save us a lot of work and then we might be ready to pay again for another plugin.

Hello @sashfurios

Thank you very much for the valuable feedback. Please send me an email at robert at wpwhitesecurity dot com. I’d like to discuss your requirements in more detail to see what is the best solution that we can come up with, so let’s schedule a call.

Looking forward to hearing from you.