Wordfence interferes with PMPro Login

  • Resolved charmedchicken

    (@charmedchicken)


    9 months, 4 weeks ago

    (Note: I’m the SuperUser) When I log into my website with 2FA through Wordfence activated, I won’t get the 2FA window and it won’t allow me to login. Changing the name of the wordfence plugin allows login. (Or so I thought, when I disabled 2FA for my login)

    Today when I went to login (I’m going to mydomain.com/wp-admin and getting the login page from there) and it simply cycled back to the login page (same behavior as before) and the URL mentioned wordfence captcha.

    I’ve added my IP address to bypass the captcha and 2FA, but I’d really like to remove this so it doesn’t cause any security issues.

    Have you tested your plugin when it’s activated with wordfence (free version)? Because on nearly every site I’ve built, WF 2FA interferes with the login after PMPro is activated.

    I do have a member homepage set, but I DO NOT have the other two boxes checked to always redirect. Thanks.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support Jarryd Long

    (@jarryd-long)

    Hi there, thank you for reaching out to Paid Memberships Pro.

    Our login page does not support 2FA at this point in time and because your PMPro settings set the default login page to /login, all requests to /wp-admin will redirect to /login too.

    As a workaround for this, you will need to set your default PMPro login page to use the ‘Default WP Login Page’ from the dropdown under Memberships > Settings > Pages and use the default login page for 2FA login actions.

    Plugin Support Jarryd Long

    (@jarryd-long)

    Because there have not been any recent updates to this topic, we will be changing the status to resolved.

    If you’re enjoying Paid Memberships Pro, would you mind rating it 5-stars to help spread the word? https://www.ads-software.com/support/plugin/paid-memberships-pro/reviews/

    Thread Starter charmedchicken

    (@charmedchicken)

    Sorry, it took me a bit to get back to it. There were no “default wp login page” options there. I saw just the login pages created by PMPro and Directorist (which I did not use), so I left it as is with the IP whitelist in place. It’s a shame, because I really like PMPro and have used it for years (even held a license at one point, but just can’t afford it anymore), but I can’t recommend it to my clients if it doesn’t work with 2FA.

    Plugin Support Jarryd Long

    (@jarryd-long)

    PMPro can still run perfectly without using our login page – You can use the default /wp-admin login page which supports 2FA, there’s also a variety of login plugins out there that offer a better looking login page than the wp-admin and can support 2FA.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Wordfence interferes with PMPro Login’ is closed to new replies.

Tags