Hi @dwibayu
Hope you are doing fine!
If a user has logged already in a site and activated a Single Sign On feature, the authentication features such as reCaptcha could be skipped since the credentials are already stored.
Could you provide some additional info about the setup you are using for your site and the steps those users are following where the reCaptcha would be expected to display?
Kind regards
Luis
There is a LDAP IP setting that can make the user automatically login without check the recaptcha box and the recaptcha box in login page. Because there are some user that complain about that and we want all user to use recaptcha box without an exception.
Hi @dwibayu
Thanks for the additional info. Based on the scenario you are describing, the LDAP settings seem to overwrite the reCAPTCHA box verification. Can you share more info about the LDPA feature? If it is coming from a plugin, it will be necessary to check any option in the settings to enable the reCAPTCHA functionality.
Looking forward to hearing from you.
Kind regards
Luis
Hi @dwibayu
I hope you are doing well today.
Can you share with us which SSO feature you use in authorizer, what are the settings and how to replicate this issue? We will need some more data in this case as this is 3rd party plugin.
Kind Regards,
Kris
since i can’t upload an image, the authorizer plugin setting ldap is at external service and filled in LDAP host, LDAP port, LDAP search base, LDAP attribute containing username, LDAP attribut containing email address, LDAP directory user, LDAP directory user password, LDAP attribute update section
-
This reply was modified 3 years, 2 months ago by
dwibayu.
-
This reply was modified 3 years, 2 months ago by dwibayu.
Hi @dwibayu ,
I’m escalating this further to our developer’s attention to investigate the behaviour regarding this.
Please note that our developers work on complex queries and have a slow response time.
Will keep you posted once we get further feedback.
Best Regards,
Nithin
Hi @dwibayu,
We got further feedback and would recommend you to apply this snippet and then check whether it works fine.
<?php
add_action( 'plugins_loaded', function() {
if ( ! defined( 'DEFENDER_VERSION' ) || ! class_exists( '\Authorizer\WP_Plugin_Authorizer' ) ) {
return;
}
add_filter( 'authenticate', function( $user, $username, $password ) {
if ( ! is_wp_error( $user ) && ! empty( $user->ID ) && 'ldap' === get_user_meta( $user->ID, 'authenticated_by', true ) ) {
$recaptcha = wd_di()->get( WP_Defender\Controller\Recaptcha::class );
if ( $recaptcha->model->is_active() ) {
return $recaptcha->validate_captcha_field_on_login( $user );
}
}
return $user;
}, 2, 3 );
});
The above snippet should resolve the issues noticed. You can add the above snippet as a mu-plugins.
Please check this link on how to implement the above code as a mu-plugins:
https://wpmudev.com/docs/using-wordpress/installing-wordpress-plugins/#installing-mu-plugins
Please do let us know how that goes.
Best Regards,
Nithin
The steps to install mu-plugins have already been done but Must-use tab on the plugin page not appear
Hi @dwibayu
This would mean that the MU plugin is not correctly added. Are you sure that
– the file is located in the /wp-content/mu-plugins folder and NOT the /wp-content/plugins/mu-plugins or some other?
– that it’s added to correct WordPress installation (I know it sounds weird but I’ve seen such cases multiple times – on hosts with multiple sites hosted under the single account, code added by mistake to wrong installation)?
– is the file that contains the code having the .php extension (and not e.g. “.php.txt”; again – I’ve seen this multiple times, especially in Win environment when Explorer was set to not show extensions of “known file types”)?
Please double-check it to make sure. Also – is this a standard WordPress installation or perhaps it’s based on some package like Bedrock or similar (in which case there may be some non-standard paths used so file location may need to be different)?
Kind regards,
Adam
THANK YOU, IT WORKS!!!!
can i ask you one more thing about recaptcha again?
my company website that located in cyberpanel have the problem about recaptcha but with different case. the recaptcha box is there but notification “reCAPTCHA verification failed. Please try again.” always appear for all users, but when i try with another recaptcha plugin the recaptcha is work
Hi @dwibayu
As this is a separate case/issue please open a fresh ticket with us here:
https://ww.wp.xz.cn/support/plugin/defender-security/#new-topic-0
With such workflow it will allow us to mark this thread as solved.
Kind Regards,
Kris
Hi @dwibayu
I hope you are doing well and safe!
We haven’t heard from you in a while, I’ll mark this thread as resolved.
Feel free to let us know if you have any additional questions or problems.
Best Regards
Patrick Freitas
