I enabled 2FA in WP Cerber a year ago but now have no access to the email where the codes are sent. How can I log in and disable 2FA?
If you cannot access 2FA codes, you can log into your WordPress dashboard by either temporarily deleting the WP Cerber plugin folder or manually adding your IP address to the cerber_acl table. This will allow a user with 2FA enabled to log in without completing the verification.
To manually add your IP, use phpMyAdmin, which is available on most hosting panels. If phpMyAdmin is not available, you can use any database management tool provided by your hosting panel.
Once you are logged into the website database, run the following SQL query with your IP address:
INSERT INTO cerber_acl (ip, tag, comments) VALUES ('192.168.5.6', 'W', 'Bypassing 2FA');
Replace '192.168.5.6' with the actual IP address from which you will log in without completing the verification.
In the current version of WP Cerber, when adding an IPv4 address to the allowlist manually with a SQL query, you must use its corresponding long integer values:
INSERT INTO cerber_acl
(ip, tag, comments, ip_long_begin, ip_long_end, ver6, acl_slice, v6range, req_uri)
VALUES (
'192.168.5.6',
'W',
'My IP address',
INET_ATON('192.168.5.6'),
INET_ATON('192.168.5.6'),
0,
0,
'',
''
);
P.S. There is no practical way to do the same for IPv6, thanks to the folks who gave us 128-bit IP addresses.