Title: 2FA & Interstitial issues Last modified: March 27, 2026 --- # 2FA & Interstitial issues * [Kevin Pirnie](https://wordpress.org/support/users/kevp75/) * (@kevp75) * [2 months ago](https://wordpress.org/support/topic/2fa-interstitial-issues/) * PHP 8.4, nGinx 1.28.0 Multiple issues. First and foremost. Cannot login like normal. I login to my site, it goes to wp-login.php and throws a WP Error page stating: Failed to create interstitial state. and does nothing else. * Cannot set on any account. That one throws a WSOD, with this in the logs. [27- Mar-2026 13:42:41 UTC] PHP Fatal error: Uncaught Error: Call to undefined method WP_Error::initialize_from_global_state() in /MY_PATH/wp-content/plugins/better- wp-security/core/lib/class-itsec-lib-login-interstitial.php:356 Stack trace: # 0 /MY_PATH/wp-includes/class-wp-hook.php(341): ITSEC_Lib_Login_Interstitial-> force_interstitial() #1 /MY_PATH/wp-includes/class-wp-hook.php(365): WP_Hook- >apply_filters() #2 /MY_PATH/wp-includes/plugin.php(522): WP_Hook->do_action()# 3 /MY_PATH/wp-login.php(546): do_action() #4 {main} thrown in /MY_PATH/wp-content/ plugins/better-wp-security/core/lib/class-itsec-lib-login-interstitial.php on line 356 Viewing 3 replies - 1 through 3 (of 3 total) * Thread Starter [Kevin Pirnie](https://wordpress.org/support/users/kevp75/) * (@kevp75) * [2 months ago](https://wordpress.org/support/topic/2fa-interstitial-issues/#post-18864830) * note. If I manually change the URL from the /wp-login.php to /wp-admin, I am logged in at my Dash * Plugin Support [Pawel [SolidWP Support]](https://wordpress.org/support/users/solidwppawel/) * (@solidwppawel) * [2 months ago](https://wordpress.org/support/topic/2fa-interstitial-issues/#post-18866950) * Hi Kevin, * Thank you for reporting this with the full stack trace — that made it straightforward to track down. * This is a confirmed bug in the plugin. The `force_interstitial()` method in ` class-itsec-lib-login-interstitial.php` doesn’t check for a `WP_Error` return from `ITSEC_Login_Interstitial_Session::create()` before calling methods on the result. Other methods in the same file (like `wp_login()`) do have the proper` is_wp_error()` check — so this is an oversight in `force_interstitial()` specifically. * The chain is: 1. `add_user_meta()` fails when trying to store the interstitial session data 2. `create()` returns a `WP_Error` (the “Failed to create interstitial state” message) 3. `force_interstitial()` calls `->initialize_from_global_state()` on the `WP_Error` object — fatal error * The underlying trigger is `add_user_meta()` failing. This could point to a database issue — a previous report of this same error message turned out to be a disk space problem on the database server (MySQL error 28). It’s worth checking your database health: do you see any errors in your MySQL/MariaDB logs? Can you verify the `wp_usermeta` table is healthy? Running `CHECK TABLE wp_usermeta;` and `REPAIR TABLE wp_usermeta;` might help if the table has issues. * Regarding PHP 8.4 — Solid Security 9.4.6 hasn’t had a dedicated PHP 8.4 compatibility update yet. There are known deprecation notices (implicit nullable parameters) on PHP 8.4 that can interfere with some operations. While these deprecations alone wouldn’t cause `add_user_meta()` to fail, they could contribute to unexpected behavior in the login flow. * **Workarounds:** - As you’ve already found, navigating directly to `/wp-admin` bypasses the interstitial and works fine since you’re already authenticated. - If you need 2FA setup working, you can try adding `define('SOLID_SECURITY_LEGACY_2FA_UI', true);` to `wp-config.php` to use the older 2FA settings layout, which uses a different code path. - If the issue is specifically triggered during forced 2FA onboarding, you can temporarily disable 2FA by adding `define('ITSEC_DISABLE_TWO_FACTOR', true);` to `wp-config.php`, configure what you need, then remove the define. * I’ve filed this as a bug with the development team — the missing error check needs to be patched regardless of the underlying `add_user_meta()` cause. * Kind regards, Paweł * Thread Starter [Kevin Pirnie](https://wordpress.org/support/users/kevp75/) * (@kevp75) * [2 months ago](https://wordpress.org/support/topic/2fa-interstitial-issues/#post-18867066) * Appreciate you getting back to me. I’ve checked the table, its good. I’ll look into that legacy 2fa. * lookin forward to the update 🙂 Viewing 3 replies - 1 through 3 (of 3 total) You must be [logged in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2F2fa-interstitial-issues%2F%3Foutput_format%3Dmd&locale=en_US) to reply to this topic. * ![](https://ps.w.org/better-wp-security/assets/icon.svg?rev=3529351) * [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection](https://wordpress.org/plugins/better-wp-security/) * [Frequently Asked Questions](https://wordpress.org/plugins/better-wp-security/#faq) * [Support Threads](https://wordpress.org/support/plugin/better-wp-security/) * [Active Topics](https://wordpress.org/support/plugin/better-wp-security/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/better-wp-security/unresolved/) * [Reviews](https://wordpress.org/support/plugin/better-wp-security/reviews/) ## Tags * [2fa](https://wordpress.org/support/topic-tag/2fa/) * [interstitial](https://wordpress.org/support/topic-tag/interstitial/) * 3 replies * 2 participants * Last reply from: [Kevin Pirnie](https://wordpress.org/support/users/kevp75/) * Last activity: [2 months ago](https://wordpress.org/support/topic/2fa-interstitial-issues/#post-18867066) * Status: not resolved