Cloudflare Vs Wordpress WP-Defender 2FA

Afternoon all,

Hoping for some help regarding an issue we have come across regarding Wordpress 2FA (WP-Defender).

Since we have enabled Cloudflare on our site it has broken the 2FA feature on the site.

I have been reading that Page Rules can be used to resolve this issue but I am not sure what rules I should be setting to get this working.

The steps I used initially were outlined by the following post:

Does anyone have documentation for how to construct page rules to disable Cloudflare features for Wordpress plugin in question?

Apologies if this is a simple one, new to this!

Thanks in advance guys.



I use Wordfence’s 2FA (TOTP) for my site logins and they’re working.

The article you linked to implies that the page is cached. By default, Cloudflare does not cache these pages…unless you’ve added a Cache Everything page rule. (have you?)

You didn’t describe how your 2FA is “broken.” But check your browser’s Dev Tools console log for any errors.

This topic was automatically closed after 30 days. New replies are no longer allowed.