Whitelisted IP addresses that bypass 2FA not working

Hi @rikdol thanks for contacting us over the issue you’re seeing.

Just for my information, are the IP addresses you’re whitelisting for 2FA definitely confirmed as static IPs? It might be worth checking from your location the IP currently being displayed on https://whatsmyip.com matches your whitelisted IPs in case there’s some reason for them to be detected differently from your browser at the time of login.

Your settings look fine from the screenshot so in the console, you’d be wanting to look for red Javascript errors, or the network tab reporting any failed page loads. Errors here would potentially be preventing the Wordfence 2FA settings from reaching the front-end when you sign in.

If the above doesn’t give us any solid reasons why this is happening, can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

Note: For the fastest response time, please make sure and add any information or questions directly to this topic and not the email address above unless asked.

Thanks,

Peter.

• This reply was modified 3 years, 12 months ago by wfpeter.

Hi Peter,

Thanks for your elaborate response.

Just for my information, are the IP addresses you’re whitelisting for 2FA definitely confirmed as static IPs?

Yes, the IP’s are confirmed since I also use my home IP to host other things that need to be accessible from the web. Those are confirmed, also with the site you suggested. So there is no reason for me to think they’re wrong, but I double-checked anyways ??

If the above doesn’t give us any solid reasons why this is happening, can you send a diagnostic report

I’ve just sent the report from diagnostics using this forum’s username: @rikdol.

so in the console, you’d be wanting to look for red Javascript errors, or the network tab reporting any failed page loads.

I can’t see errors in the console during the login phase.
After entering the username/password it will prompt me for the authenticator code. Which is tedious when I’m working from home.

I responded a bit late since I didn’t get notified of a response. ill be watching the thread more closely ??

Hi @rikdol,

Your diagnostic states that it originates from an IP not stated for whitelisting in your original message, but I assume you were sending it from one of these locations?

There might be a problem with the way Wordfence detects IPs and that is why you’re not managing to bypass 2FA as intended. Look at Wordfence > Dashboard > Global Options > General Wordfence Options > How does Wordfence get IPs and cycle through the options there until it displays your current IP address. That will be the setting you need to use going forward, so click the SAVE button once you’re done.

Thanks again,

Peter.

Hi @rikdol,

seems to me like we have or had the same problem…

I found out that there are different types of IP’s – static and dynamic ones

https://whatismyipaddress.com/dynamic-static

Most people do have a dynamic one – with which the whitelisting does not work since the address is constantly changing (as far as I know?!)

I hope that’s helpful, great day to everyone

Edit: Just saw that the Thread is already marked as “resolved”, just not closed yet! Anyway, hopefully helpful to others searching for the same Issue.

• This reply was modified 3 years, 9 months ago by Adrean.