WordPress, install 2FA plugin when using Roots Bedrock

Introduction

There are many ways of accomplishing this task. In this article I shall be using the WP 2FA – Two-factor Authentication Plugin and 1Password as the authenticator. The main topic here shall be explaining the additional step required when using Roots Bedrock or any other .env style setup for WordPress structure hierarchy (like Capistrano).

The plugin expects to be able to access the wp-config.php file, which it cannot and details need to be manually added to the appropriate environment configuration overrides files. I’ll show you in 3 easy steps how to setup and configure for a .env type system.

Step 1. Install and Activate WP 2FA Plugin

As you are using a .env style setup installing will most likely be done via composer.

"wpackagist-plugin/wp-2fa": "*",

Add to your composer.json file (adding version number if required) then activate on the Plugins Admin Page.

Step 2. Configure 2FA and Authorise via 1Password

You will be presented with a configuration Wizard, follow the steps setting up the required functionality you need. The last part of this process is activating the authorisation. The screen (See Image 1) includes a QR Code – this can be used by 1Password by choosing ‘Scan QR Code’ from the menu. You can find further details for this process following this link.

Step 3. Move WP 2FA private encryption key from Database to environment config file

If you go to the Settings Page for WP 2FA, you’ll see a warning at the top of the page (See Image 2.) This is the main reason for this article so I’ll break it down into smaller steps as there are some details that need attention.

• Step 3.1

As a precaution make backups of the Website and Database.

• Step 3.2

Deactivate the WP 2FA plugin.

• Step 3.3

Find and copy the encryption key in the wp_options table of the WordPress Database. The option name is wp_2fa_secret_key (See Image 3.) The Database Table may have a different prefix than wp_ (like the example in Image 3) so look for foo_options instead.

• Step 3.4

Add the copied private key to the appropriate environment config file by adding the following line (or equivalent for your setup.)

Config::define( 'WP2FA_ENCRYPT_KEY', 'your-encryption-key-here' );

• Step 3.5

Remove the private key from the Database by deleting the entry.

• Step 3.6

Reactivate the WP 2FA plugin.

The process is now complete

All being well the warning message will now no longer be shown and you have a working two-factor authentication system in place for your site.

In conclusion

Hopefully this was a quick and painless exercise to get the WP 2FA plugin working in a Roots Bedrock type setup. If you use a different (or better) solution please get in touch and let me know.