Login form success but no cookies set

  • Resolved damchtlv

    (@damchtlv)


    1 year, 10 months ago

    Hi,
    I just stumbled upon an issue regarding Wordfence and custom login form (ACF Extended form which use wp_signon() function):

    If Wordfence is installed & activated, whatever the firewall mode is (enabled / learning mode / disabled), when i successfully fill a login form, the setcookie headers are not sent in the page response. I still have a “logged successfully” message displayed but in reality the cookies are not set at all.

    Is there a filter or something i can tweak to avoid this issue without disabling Wordfence totally?

    Thanks in advance,
    Damien

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @damchtlv, thanks for getting in touch.

    Have you enabled Wordfence Login Security features such as 2FA or reCAPTCHA? I just ask this as Wordfence may experience issues with the login process on custom forms if they are enabled.

    Other reasons for the cookie not being set is the login flow from the custom form not matching the expected input, caching on your site, or another plugin loading core files out of order. These could have a knock-on effect when Wordfence is enabled so it could be also worth checking whether Wordfence as the only enabled plugin causes the site to still behave in this way to try ruling this in or out. If things do work correctly under these conditions, enabling your other plugins one-by-one should point to when the cookie issues return.

    Let me know how you get on!
    Peter.

    Thread Starter damchtlv

    (@damchtlv)

    Hi @wfpeter

    Thanks for your detailed answer
    You’re correct, it is because of reCaptcha & 2FA actually
    (My main issue was reCaptcha, but if i try to login in with an admin account that has 2FA, it doesn’t work because of 2FA then)

    It makes sense actually that this occurs but is there a way to fix reCaptcha then on custom login? (or maybe just set reCaptcha on the classical WP login form?)
    That way i could set my own recaptcha for example

    I don’t really want to disable those Wordfence features because i have a custom login form somewhere on this site.

    Thread Starter damchtlv

    (@damchtlv)

    Update: i found a fix using your filter wordfence_ls_require_captcha on another thread which had a related issue

    This thread can be closed ??

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Login form success but no cookies set’ is closed to new replies.