Hello @ramoncassel
The plugin uses your own website SMTP server to send 2FA emails.
You can check the SMTP logs to see if there is a delay between the 2FA request, an email sending event, an email receiving event.
Tell us about the results
Hey Alex
Fantastic thanks. We investigated the SMTP side. It seems like the type of encryption from the plugin is causing the delay. I believe there’s no settings to change this and I appreciate it wouldn’t be straight forward for you to change it.
Would you agree with the above? If so, let me know the recommended approach to enhance the admin security.
I thought about using something else for 2fa admnin authentications. Also, changing the admin login page URL. But want to hear from you first please.
Thanks, Ramon
Hello @ramoncassel
Thank you for your feedback.
I’ve created a task for our developers. We will investigate the issue and will write you back within 3-4 working days.
Thanks – looking forward to it.
Hello @ramoncassel
We need more details to fix the issue.
Could you please explain what you mean by “type of encryption from the plugin”?
Thank you!
Hello! It is not the type of encryption from the plugin but how it sends the 2FA confirmation emails is different from when a normal email gets sent out.
How is the validation email structured? How is it different to wordpress, when wordpress site send a notification email from someone who for example, fills in a form?
It takes a while for the 2fa related emails to get processed by smtp2go, I can literally see the emails get stuck under processing in the SMTP2GO logs, it sends it eventually but it takes longer than 5 minutes.
So my conclusion is that the 2FA emails has a certain characteristic of composition that it takes some time for SMTP2GO to process before it sends them out.
Thanks, Ramon
Hello, @ramoncassel.
Thank you for the details. I’ve added them to the task. We need additional time to investigate the issue. We’ll write you back within 3 working days.
Hello @ramoncassel
We have fixed the problem. All the changes will be included in the next stable release.
1. Go to WordPress Administrator Panel —> Plugins.
2. Find the plugin “Security & Malware scan by CleanTalk” —> Deactivate.
3. After the automatic page refresh finds the plugin again “Security & Malware scan by CleanTalk” —> Delete. Confirm “Yes, delete these files”.
4. Download the plugin archive from here: https://github.com/CleanTalk/security-malware-firewall/releases/download/dev-version/security-malware-firewall.zip
5. Go to Plugins —> Add New —> Upload Plugin.
6. Choose the downloaded archive and press “Install Now”.`
If the problem still persists, please contact us via our support ticket system:
https://cleantalk.org/my/support/open
Best wishes.
-
This reply was modified 4 years, 2 months ago by
amagsumov.
This is great. Thanks, much appreciated.
-
This reply was modified 4 years, 2 months ago by
ramoncassel.
