2FA error

Hi @kbliang,

Thanks for letting me know about this problem. I’ve been able to replicate the problem at my side, and can confirm, there seems to be a bug in the code. Investigating potential solutions now. I’ll reply back again when I progress a little further. ??

Hi @kbliang,

I’ve pushed some changes just now which should solve the problem. If possible, from the front-end updates page, try updating to the latest available version (3.5.0-DEV+233360).

If not possible (i.e., due to 2FA already being enabled, and no available front-end account without it), if you edit your CIDRAM’s configuration file, look for the line enable_two_factor: true and change it to enable_two_factor: false, that should disable 2FA for your CIDRAM installation (you can reenable it again from the front-end configuration page after you’ve successfully logged in and updated).

After updating, try reenabling 2FA. If the problem persists, let me know. ??

Hi. After one night, I went back to the CIDRAM frontend page again. This time it says you don’t have access instead of the original critical error. Checking the error log did not record any errors.

I’ve tried starting over, uninstalling the plugin, and reinstalling it, but still no access.

Which file in the plugin should I change to resolve this?

Thanks!

In your wp-content/plugins directory, check for a cidram-configuration.yml file. Because WordPress replaces a plugin’s entire directory when updating plugins, if a plugin has any modified/customised files, there’s a risk of those modifications/customisations being lost as a result of updating through WordPress; so, in order for CIDRAM to avoid losing its configuration data (in the past, this was a problem), when operating as a WordPress plugin, recent and current versions of CIDRAM create a copy of the CIDRAM configuration file to that location. The strategy seems to work well for its intended purpose, but also means that when uninstalling/reinstalling the plugin entirely, configuration data from the plugin’s previous installation may potentially still be lingering in that directory. For a fresh reinstallation, deleting that specific file should remove any lingering configuration data from the previous installation (doing so shouldn’t break anything; CIDRAM will automatically recreate the file the next time it executes, with fresh/default data).

• This reply was modified 11 months, 4 weeks ago by Maikuolan. Reason: Better phrasing

If you are referring to config.yml, I actually found that file before uninstalling the plugin. The problem is that the archive’s enable_two_factor remains at false.

This is weird because I didn’t change it back and it’s not possible for me to change it back (I don’t have access to the frontend).

In other words, the current plugin maintains the enable_two_factor: false setting, and then I can’t access the frontend.

Can you please tell me exactly which old settings files should be deleted and where they are located? I want to at least have access to the frontend first and then check for updates to 2fa.

Thanks for your support ??

I tested deleting the ‘config.yml’ but I still can’t access it.

Hi. I successfully entered the panel by changing the key text of the source code. The update is now complete.

I found that the access permission issue was caused by a plugin conflict. **Plugin name: Security Optimizer – By SiteGround

I still don’t know which configuration is causing the problem.

The original serious error has been resolved through updates.

Now there is a new problem I can’t receive the email from 2fa (I have checked my spam box).

Through your guidance I ensured the following:

1. Username is my email
2. Installed and enabled phpmailer in the update panel
3. Set 2fa to ‘enable’ in the frontend options of the setting page

Am I missing something?

Thanks!

Steps taken sound good so far. :+1:

Have you also populated some values into the “phpmailer” configuration directives at the configuration page? If anything needed from there is missing (e.g., phpmailer?host, phpmailer?username, etc), that could potentially cause 2fa to not work properly.

• This reply was modified 11 months, 3 weeks ago by Maikuolan.

Solved.