Title: 2FA IP Whitelist Function Last modified: August 13, 2025 --- # 2FA IP Whitelist Function * Resolved [watchmakingtools](https://wordpress.org/support/users/watchmakingtools/) * (@watchmakingtools) * [9 months, 1 week ago](https://wordpress.org/support/topic/2fa-ip-whitelist-function/) * We’ve been using Wordfence for years and very happy with how well it protects our site. * We configured 2FA IP whitelists to bypass 2FA when we’re in the office but recently we’ve moved our hosting supplier from GoDaddy to SiteGround and since then the 2FA whitelist functionality doesn’t seem to work and we have to go through 2FA everytime we log into WordPress wherever we are. * The Wordfence ‘Allowlisted IP addresses that bypass 2FA and reCAPTCHA’ configuration hasn’t changed so don’t know what could have stopped this working, any ideas? Viewing 6 replies - 1 through 6 (of 6 total) * Plugin Support [wfpeter](https://wordpress.org/support/users/wfpeter/) * (@wfpeter) * [9 months, 1 week ago](https://wordpress.org/support/topic/2fa-ip-whitelist-function/#post-18597990) * Hi [@watchmakingtools](https://wordpress.org/support/users/watchmakingtools/), * I’m not aware of any reasons why that would stop working correctly after a migration, other than the method of IP detection not being the same on your new host as your old one. * Firstly, take note of your own IP on your device: [https://www.whatsmyip.org](https://www.whatsmyip.org/). * Head over to **Wordfence > All Options > General Wordfence Options > How does Wordfence get IPs** and reference the area under that section that says **Detected IPs** and **Your IP** with this setting. See if any of the options there when picked accurately reflect your IP. If one does that isn’t currently selected, don’t forget to hit the **SAVE CHANGES** button in the top-right after you’re done. * It could be worth clearing any caching plugins or other caches on your server at this point, in case anything carried over in the migration of your WordPress site. * If IP detection was already configured correctly or changing it doesn’t correct the 2FA/reCAPTCHA allowlist issue, let us know as it may be appropriate to see a diagnostic report to find out more. * Many thanks, Peter. * Thread Starter [watchmakingtools](https://wordpress.org/support/users/watchmakingtools/) * (@watchmakingtools) * [9 months, 1 week ago](https://wordpress.org/support/topic/2fa-ip-whitelist-function/#post-18598846) * Hi Peter, thanks for coming back to us. * The IP configuration has always been in place, see screenshot here – [https://ibb.co/vv47yG1K](https://ibb.co/vv47yG1K). * However, we have since cleared the server cache, and the issue still persists. What can we try next? * Plugin Support [wfpeter](https://wordpress.org/support/users/wfpeter/) * (@wfpeter) * [9 months, 1 week ago](https://wordpress.org/support/topic/2fa-ip-whitelist-function/#post-18599479) * Hi [@watchmakingtools](https://wordpress.org/support/users/watchmakingtools/), * As a final test before getting back to us, I would disable all other plugins except for Wordfence, just in case there’s another plugin installed that alters the login flow or conflicts with the scripts run on login in any way. If the feature works properly, reenable your plugins one-by-one until it reoccurs to identify the cause. * I can’t guarantee we’d see a clear issue from it, but it’d be helpful for us to see your site diagnostic report as it’d reveal your plugin configuration and server setup in case there’s anything we know you’d need to change. * You can send diagnostics to **wftest @ wordfence . com** by using the link at the top of the **Wordfence > Tools > Diagnostics**, followed by **“Send Report by Email”**. Please** add your forum username **where indicated **and _respond to us here after you have sent it._** * **NOTE:** It should look as follows – Screenshot of [Tools > Diagnostic > Send by Email](https://www.wordfence.com/wp-content/uploads/2021/09/diagnosticsendbyemail.png) * Many thanks, Peter. * Plugin Support [wfpeter](https://wordpress.org/support/users/wfpeter/) * (@wfpeter) * [9 months ago](https://wordpress.org/support/topic/2fa-ip-whitelist-function/#post-18608962) * Hi [@watchmakingtools](https://wordpress.org/support/users/watchmakingtools/), * I don’t see a diagnostic associated with your username in our inbox. How did you get on? * Peter. * Thread Starter [watchmakingtools](https://wordpress.org/support/users/watchmakingtools/) * (@watchmakingtools) * [9 months ago](https://wordpress.org/support/topic/2fa-ip-whitelist-function/#post-18614944) * Apologies Peter, this has now been sent. * Plugin Support [wfpeter](https://wordpress.org/support/users/wfpeter/) * (@wfpeter) * [8 months, 3 weeks ago](https://wordpress.org/support/topic/2fa-ip-whitelist-function/#post-18624524) * Hi [@watchmakingtools](https://wordpress.org/support/users/watchmakingtools/), thanks for sending that over. * We see you use Cloudflare, but don’t have the Cloudflare plugin. That probably means SiteGround is fixing the visitor IP addresses based on the `CF-Connecting- IP` header. You can change this in the “How does Wordfence get IPs” section of the **All Options** page. * Double-check the IP shown on the [Live Traffic](https://www.wordfence.com/help/tools/live-traffic/) page when you log in to make sure it’s one of the allowlisted IPs. If it is, also check the access log to see if the IP matches there. If both are the same, that means SiteGround is probably fixing the address before PHP starts. * Another thing to try would be to delete the list of allowlisted IPs, save the changes, then add them again. If there was an issue in the migration such as linefeeds in the database getting handled incorrectly, that may fix it, though there may be other problems in settings if something like that happened. * Let us know how you get on, Peter. Viewing 6 replies - 1 through 6 (of 6 total) The topic ‘2FA IP Whitelist Function’ is closed to new replies. * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865) * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/) * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq) * [Support Threads](https://wordpress.org/support/plugin/wordfence/) * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/) ## Tags * [2fa](https://wordpress.org/support/topic-tag/2fa/) * 6 replies * 2 participants * Last reply from: [wfpeter](https://wordpress.org/support/users/wfpeter/) * Last activity: [8 months, 3 weeks ago](https://wordpress.org/support/topic/2fa-ip-whitelist-function/#post-18624524) * Status: resolved