BigCommerce/2FA Conflict on Login Page

  • Resolved twistysnacks

    (@twistysnacks)


    3 months, 1 week ago

    Hello, I just enabled 2FA access on my company’s website, which also has BigCommerce installed. I set up 2FA without incident. However, when I log out and attempt to log in again, nothing happens. I’ll enter my login credentials, click “Log In”, and am simply redirected back to the log in page.

    I realized that it was likely because BigCommerce was hijacking the login and probably trying to redirect me, as BigCommerce forces you to select a custom login page (I can’t find a way to use the default /wp-admin/). I edited the page template for this custom BigCommerce login and simply used the wp_login_form() function. I can see that this new login form is definitely in use, but it isn’t having an effect. I’m still just being redirected back to the login page without errors or comment.

    I tested this all on a staging site, and found that yes, removing BigCommerce resolves the issue. I have been unable to find a way to disable the BigCommerce login redirect, and I’m not able to change the BigCommerce login page to the standard WordPress login screen.

    Does anyone have any ideas on how to resolve this? I can edit the custom login page in any way, I just can’t change how BigCommerce hijacks the login.

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @twistysnacks, sorry to see you’re having compatibility issues with Login Security features.

    As our 2FA/reCAPTCHA were designed to work with default WordPress and WooCommerce pages, we have found that developers or anybody editing their forms/theme could try to make other forms compatible by naming elements similarly to the default pages: https://www.ads-software.com/support/topic/the-logging-with-the-form-in-the-frontend-of-the-site-always-gives-an-error/#post-17747476

    Please note though that we’re unable to troubleshoot or support custom code/edits, or guarantee future plugin updates won’t affect them.

    If BigCommerce changes the login flow in a way where Wordfence’s Login Security features are never compatible, even when you try the above, I would look potentially for a 2FA extension for BigCommerce or a compatible standalone 2FA plugin. As you can benefit from Wordfence’s scans and other live protection but run it without the Login Security module individually, this might be the best solution to avoid losing one of the plugins you want to use here.

    Many thanks,
    Peter.

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.