Roles and login problems

Hi @sbct, thanks for getting in touch and providing us with some good detail.

Whilst Wordfence can add “Login Security” such as reCAPTCHA and 2FA functionality that can be assigned to roles, it does not perform user management actions on WordPress users. This makes the alteration of roles to “none” after log in quite interesting, especially if it resolves after disabling Wordfence. My suspicion would be that a 3rd party user management plugin, which also includes online stores where users can register, is causing a conflict of some kind.

The first thing to check would be whether the login action begins to work correctly with Wordfence as the only enabled plugin whilst using a default theme such as Twenty Twenty-One. If it does, enable your other plugins one-by-one, and finally your theme, until the problem starts presenting itself again. Also, it can help to view your browser console as some conflicts can present as Javascript errors. You can show these to us by using a service such as Snipboard.

Let me know if any of that sheds any more light on the issue.

Thanks,

Peter.

Hello Peter,
Thanks for your help!

Unfortunately I wasn’t able to resolve the issue even disabling alla the plugins and having only WF installed, in fact as I, with only WF installed get the same error, and after disabling it, even with just 1 plugin installed, I was able to login.
The weird thing is that with WF installed it changes the role to none, but in the users list in the backend of my admin account, I can see that the last login was successful. It Dows change the user too, where it removes the nickname, and sets the 2FA status to “Not Allowed”.
It is very veird, because it does that with only WF installed.

I’ve checked the consolle but I don’t get any JS error.

Can you please help me finding out the problem? Otherwise I’d have to change security plugin, but I like WF very much.

Thanks!

• This reply was modified 3 years, 7 months ago by sbct.

Hi @sbct,

I haven’t seen this behaviour before with Wordfence as the only plugin and we have a vast number of installations using Wordfence, who’ll all be logging in using their WordPress user accounts. I appreciate this is frustrating of course, so I should look further into your site configuration and available plugins.

Can you please send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

Note: For the fastest response time, please make sure and add any information or questions directly to this topic and not the email address above unless asked.

Thanks again,

Peter.

Hello Peter,
I’ve sent the logs to the indicated email.

Thanks in advance!

Hi @sbct,

I’ve taken a look through your diagnostic report. Where plugins that are enabled like “Hide Admin Bar From Front End” might give a logged in user the impression they aren’t logged in as described in your original message, I feel like we have to rule this kind of thing out as you’ve tested with only Wordfence enabled.

As I mentioned before, Wordfence doesn’t try to change user roles, except when the admin uses a button in the scan results to revoke a suspicious admin’s privileges.

I’d start with viewing the error logs. Your diagnostic shows one in the site root and one in wp-admin/, and either of them might have some clues.

If you own/run the server, I’d try restarting LiteSpeed just in case. There’s a very small chance of a PHP opcache bug, and that may clear the issue up if that’s the case.

Thanks again,

Peter.