Thanks for the message.
I will take a look into this and hopefully get it fixed.
Hi, I just tested this with the 2FA feature with the main “Wordfence Security” plugin, and the “Wordfence Login Security” plugin, and it seems to be logging me in fine for both with Turnstile and 2FA enabled: https://i.gyazo.com/129c85308ca9b29e09cfa4a9c162c4ae.mp4
Could you give it another try? Are you using the latest version of WordPress and the Simple Cloudflare Turnstile plugin?
Thanks!
Hi Elliot, thanks for investigating. I think the login page that’s being troublesome is actually part of WooCommerce. It’s the ‘My Account’ login/register page.
I’ve just tested the regular wp-login.php page and you’re right, that works fine.
When I try logging in on the ‘My Account’ page however, the page just reloads and sometimes displays the “Please verify that you are human.” error message.
I’m using the latest versions of WordPress (6.1), Wordfence (7.7.1), WooCommerce (7.0.1) and Simple Cloudflare Turnstile (1.13.1).
Hi James,
Thanks for the info!
I’ve looked into this, and it seems like the WordPress 2FA on WooCommerce login forms, combined with any login captcha plugin (reCAPTCHA or Turnstile) doesn’t seem to work together. Looking at WordFence’s support there are lots of tickets mentioning this for example this one: https://wordpress.org/support/topic/2fa-conflicts-with-recaptcha-plugins/
I did try implementing a solution to this, by spending some time developing a bit of code to load the Turnstile widget in the second WordFence 2FA step (on WooCommerce login form) where it asks for the “2FA Code”, but upon submission, it still won’t work sadly: https://i.gyazo.com/b1cadccfccffeaa41233d8976e696738.png
Currently, my only suggestion here really is to either disable Turnstile on this WooCommerce login form, or alternatively for any users that have 2FA enabled, have them use the WP Login page instead.
If I think of a solution I’ll let you know.
Thanks,
Elliot
OK, thanks for looking into it Elliot.
Hi,
This plugin should work with Wordfence 2FA now. 👍
Great, thanks Elliot. I’ll give it another go.