Two factor authentication doesn’t work for some users

  • Resolved mattheo

    (@mattheo)


    2 years, 1 month ago

    Hello,
    I’m testing the 2FA feature of your plugin and I noticed that it works only for users that have an Admin or Editor roles.

    When I try to login with aa a “custom editor” user I don’t see any 2FA on the login and I can enter the wp-admin without any verification.

    Is there a way to set the two factor authentication for every single user, even the minor or custom ones?

Viewing 15 replies - 1 through 15 (of 15 total)
  • Plugin Support Georgi Ganchev

    (@georgiganchev)

    Hello @mattheo

    By default, the 2FA feature is applied only for the Admin and Editor user roles.

    If you would like to use this feature for additional roles, we have prepared a filter that you can add under your theme’s functions.php file. You can observe the filter here:

    add_filter( 'sg_security_2fa_roles', 'add_user_roles_to_2fa' );
function add_user_roles_to_2fa( $roles ) {
    $roles[] = 'your_role';
    return $roles;
}

    You can add additional fields if you would like more roles to be protected. You just need to substitute “your_role” with the exact user role that you would like to use.

    Best regards,
    Georgi Ganchev
    Technical Support

    Thread Starter mattheo

    (@mattheo)

    Hi Georgi,
    many thanks for your support

    We had positive results using your code in a single WP installation.

    We also used that code in a WP multisite installation.

    We put it in every functions.php of that installation, because we’ve got different themes.

    In some of those themes the code it works, in some other ones the whole theme goes in error, not showing the subsite.

    Have you an idea how we could do to avoid errors and to reach the result?

    • This reply was modified 2 years, 1 month ago by mattheo.
    Plugin Support Delyan Delov

    (@delyandelov)

    Hi @mattheo,

    I am afraid that we cannot provide you with any meaningful information without being able to investigate the errors you are receiving.

    Could you provide us with the site URL where the theme error is visible so we can further look into it?

    Thread Starter mattheo

    (@mattheo)

    We added this code to functions.php in the folder /theme in the main site (the first one) of the multisite installation.

    We added the same code in functions.php in the folder /theme of every site of the multisite installation.

    add_filter( 'sg_security_2fa_roles', 'add_user_roles_to_2fa' );
function add_user_roles_to_2fa( $roles ) {
    $roles[] = 'editoruerlimitatoadalcunicontenuti';
    $roles[] = 'editorsoloedit';
    return $roles;
}

    in both cases the 2fa hasn’t been worked.

    The fact is that: in our TEST MULTI-SITE (which is an exact copy of the live multisite) we used a specular code that is working properly, with the 2fa active for our custom users.

    add_filter( 'sg_security_2fa_roles', 'add_user_roles_to_2fa' );
function add_user_roles_to_2fa( $roles ) {
    $roles[] = 'editorformazioneintegrale';
    $roles[] = 'wpseo_editor';
    $roles[] = 'psicologo';
    return $roles;
}

    I hope these elements can help you to understand our problem.

    Thanks,
    M

    • This reply was modified 2 years, 1 month ago by mattheo.
    Plugin Support Delyan Delov

    (@delyandelov)

    The typical WordPress Mulstisite installation does not provide separate theme folders. Could you provide more information regarding the exact setup you are using so we can try to recreate it?

    Also, could you please copy the error message you are receiving on your subsites?

    Thread Starter mattheo

    (@mattheo)

    Our WP multisite installation has some customizations in styles and functions for its different subsites.

    For this reason we have files in /wp-content/theme/subsite1/, that is the leading one and some customized files (for example functions.php, style.css and specific template files…) in /wp-content/theme/subsite2/ or /wp-content/theme/subsite3/ and so on.

    The error is that your code is working on test area (pretty well, even if some roles it is not able to manage, we didn’t know why), but it is not working on the live site at all.

    Plugin Support Delyan Delov

    (@delyandelov)

    Thank you for the provided information, @mattheo.

    I have conducted several tests with single and Multisite setups and found a small issue in the plugin that prevents the 2FA to work on the subsites. I have already notified our developers regarding the case and they will fix the issue in the upcoming plugin version.

    For the time being, the 2FA will work only with the Editor and Administrator roles even if you use the filter provided above.

    Regarding the issue you are experiencing with the live site compared with the testing site, most probably there is some different configuration that is causing the issue. I would advise you to check the server configuration as well if they are located on different servers. Also, make sure our plugin is up-to-date on your test site as well as on the live site.

    • This reply was modified 2 years, 1 month ago by Delyan Delov.
    • This reply was modified 2 years, 1 month ago by Delyan Delov.
    Thread Starter mattheo

    (@mattheo)

    Thank you for your response.

    It’s a strange result the one we are obtaining, because, with this code in the test site we are able to let woking the role 1 (editorformazioneintegrale) and the role 2 (wpseo_editor), but not the role 3 (psicologo)

    
add_filter( 'sg_security_2fa_roles', 'add_user_roles_to_2fa' );
function add_user_roles_to_2fa( $roles ) {
    $roles[] = 'editorformazioneintegrale';
    $roles[] = 'wpseo_editor';
    $roles[] = 'psicologo';
    return $roles;
}
    • This reply was modified 2 years, 1 month ago by mattheo.
    Plugin Support Delyan Delov

    (@delyandelov)

    I have tried to recreate the described behavior on my end but to no avail. If the 2FA does not work only for one role, probably it is not defined properly or there is an error in the code.

    I would recommend waiting for the new plugin release where the above-mentioned issue will be fixed and then performing another test on your end.

    Thread Starter mattheo

    (@mattheo)

    Thank you very much for your fast response.

    I’ve seen that you’re updating quite frequently.
    Do you know how much time does this fix require?

    Regards,
    M.

    Plugin Support Delyan Delov

    (@delyandelov)

    I am afraid that I cannot provide an ETA for when the next version will be released.

    @delyandelov I believe this fix you did for multisite actually broke 2FA now. I think whatever that “fix” was needs to be reevaluated as I am now totally locked out of my entire network of sites due potentially to whatever was trying to be fixed for this issue.

    Plugin Support Delyan Delov

    (@delyandelov)

    Hi @tnolte,

    I have noticed that you already created a new topic regarding the issue you are experiencing:

    https://www.ads-software.com/support/topic/lastest-release-broke-2fa-verification/

    As suggested in the above thread, please post a ticket through SiteGround’s Helpdesk so we can investigate the case further.

    Thread Starter mattheo

    (@mattheo)

    Hi Delyan,

    I saw you released a new version of the plugin (v. 1.3.6).
    Did my issue regarding the WP multisites installation has been solved with the update?

    Many thanks.
    M.

    Plugin Support daniellaivanova

    (@daniellaivanova)

    The issue should be resolved in the latest version of the plugin (v. 1.3.6).

    Best regards,
    Daniela Ivanova

Viewing 15 replies - 1 through 15 (of 15 total)
  • The topic ‘Two factor authentication doesn’t work for some users’ is closed to new replies.