Support » Plugin: Simple Cloudflare Turnstile — The new user-friendly alternative to CAPTCHA » Incompatible with Wordfence 2FA Login Security

  • Resolved james4311

    (@james4311)


    This plugin is almost perfect but unfortunately it doesn’t seem to work with Wordfence’s 2FA login security.

    After entering a username, password and 2FA code the page just reloads without logging in.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Elliot Sowersby

    (@elliotvs)

    Thanks for the message.

    I will take a look into this and hopefully get it fixed.

    Plugin Author Elliot Sowersby

    (@elliotvs)

    Hi, I just tested this with the 2FA feature with the main “Wordfence Security” plugin, and the “Wordfence Login Security” plugin, and it seems to be logging me in fine for both with Turnstile and 2FA enabled: https://i.gyazo.com/129c85308ca9b29e09cfa4a9c162c4ae.mp4

    Could you give it another try? Are you using the latest version of WordPress and the Simple Cloudflare Turnstile plugin?

    Thanks!

    Thread Starter james4311

    (@james4311)

    Hi Elliot, thanks for investigating. I think the login page that’s being troublesome is actually part of WooCommerce. It’s the ‘My Account’ login/register page.

    I’ve just tested the regular wp-login.php page and you’re right, that works fine.
    When I try logging in on the ‘My Account’ page however, the page just reloads and sometimes displays the “Please verify that you are human.” error message.

    I’m using the latest versions of WordPress (6.1), Wordfence (7.7.1), WooCommerce (7.0.1) and Simple Cloudflare Turnstile (1.13.1).

    Plugin Author Elliot Sowersby

    (@elliotvs)

    Hi James,

    Thanks for the info!

    I’ve looked into this, and it seems like the WordPress 2FA on WooCommerce login forms, combined with any login captcha plugin (reCAPTCHA or Turnstile) doesn’t seem to work together. Looking at WordFence’s support there are lots of tickets mentioning this for example this one: https://wordpress.org/support/topic/2fa-conflicts-with-recaptcha-plugins/

    I did try implementing a solution to this, by spending some time developing a bit of code to load the Turnstile widget in the second WordFence 2FA step (on WooCommerce login form) where it asks for the “2FA Code”, but upon submission, it still won’t work sadly: https://i.gyazo.com/b1cadccfccffeaa41233d8976e696738.png

    Currently, my only suggestion here really is to either disable Turnstile on this WooCommerce login form, or alternatively for any users that have 2FA enabled, have them use the WP Login page instead.

    If I think of a solution I’ll let you know.

    Thanks,

    Elliot

    Thread Starter james4311

    (@james4311)

    OK, thanks for looking into it Elliot.

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.