diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_hostap.c b/components/wpa_supplicant/esp_supplicant/src/esp_hostap.c
index 1b3a6db832..a82a24e58a 100644
--- a/components/wpa_supplicant/esp_supplicant/src/esp_hostap.c
+++ b/components/wpa_supplicant/esp_supplicant/src/esp_hostap.c
@@ -17,6 +17,7 @@
 #include "ap/wpa_auth_i.h"
 #include "esp_wifi_driver.h"
 #include "esp_wifi_types.h"
+#include "esp_wps.h"
 
 struct hostapd_data *global_hapd;
 
@@ -147,6 +148,13 @@ bool hostap_deinit(void *data)
         return true;
     }
 
+#ifdef CONFIG_WPS_REGISTRAR
+    if (esp_wifi_get_wps_type_internal () != WPS_TYPE_DISABLE ||
+        esp_wifi_get_wps_status_internal() != WPS_STATUS_DISABLE) {
+        esp_wifi_ap_wps_disable();
+    }
+#endif /* CONFIG_WPS_REGISTRAR */
+
     if (hapd->wpa_auth != NULL) {
         if (hapd->wpa_auth->wpa_ie != NULL) {
             os_free(hapd->wpa_auth->wpa_ie);
diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_hostpad_wps.c b/components/wpa_supplicant/esp_supplicant/src/esp_hostpad_wps.c
index 56489fb763..2361c5c00f 100644
--- a/components/wpa_supplicant/esp_supplicant/src/esp_hostpad_wps.c
+++ b/components/wpa_supplicant/esp_supplicant/src/esp_hostpad_wps.c
@@ -37,8 +37,9 @@ static int wifi_ap_wps_init(const esp_wps_config_t *config)
     struct wps_sm *sm = NULL;
     uint8_t mac[ETH_ALEN];
     struct wps_config cfg = {0};
+    struct hostapd_data *hapd = hostapd_get_hapd_data();
 
-    if (gWpsSm) {
+    if (!hapd || gWpsSm) {
         goto _out;
     }
 
@@ -76,7 +77,7 @@ static int wifi_ap_wps_init(const esp_wps_config_t *config)
         goto _err;
     }
 
-    hostapd_init_wps(hostapd_get_hapd_data(), sm->wps, sm->wps_ctx);
+    hostapd_init_wps(hapd, sm->wps, sm->wps_ctx);
 
     /* Report PIN */
     if (wps_get_type() == WPS_TYPE_PIN) {
@@ -171,19 +172,37 @@ int wifi_ap_wps_enable_internal(const esp_wps_config_t *config)
 
 int esp_wifi_ap_wps_enable(const esp_wps_config_t *config)
 {
-    int ret;
+    int ret = ESP_OK;
+    struct wps_sm *sm = gWpsSm;
     wifi_mode_t mode = WIFI_MODE_NULL;
 
+    if (esp_wifi_get_user_init_flag_internal() == 0) {
+        wpa_printf(MSG_ERROR, "wps enable: wifi not started cannot enable wpsreg");
+        return ESP_ERR_WIFI_STATE;
+    }
+
     ret = esp_wifi_get_mode(&mode);
-    if (mode != WIFI_MODE_AP) {
+    if (mode != WIFI_MODE_AP && mode != WIFI_MODE_APSTA) {
+        wpa_printf(MSG_ERROR, "wps enable: mode=%d does not include AP", mode);
+        return ESP_ERR_WIFI_MODE;
+    }
+
+    if (esp_wifi_ap_get_prof_authmode_internal() == WIFI_AUTH_OPEN) {
+        wpa_printf(MSG_ERROR, "wps enable: wpsreg not supported when authmode is open");
         return ESP_ERR_WIFI_MODE;
     }
 
     API_MUTEX_TAKE();
     if (s_wps_enabled) {
+        if (sm && os_memcmp(sm->identity, WSC_ID_ENROLLEE, sm->identity_len) == 0) {
+            wpa_printf(MSG_ERROR, "wps enable: wps enrollee already enabled cannot enable wpsreg");
+            ret = ESP_ERR_WIFI_MODE;
+        } else {
+            wpa_printf(MSG_DEBUG, "wps enable: already enabled");
+            ret = ESP_OK;
+        }
         API_MUTEX_GIVE();
-        wpa_printf(MSG_DEBUG, "wps enable: already enabled");
-        return ESP_OK;
+        return ret;
     }
 
     ret = wifi_ap_wps_enable_internal(config);
@@ -195,10 +214,9 @@ int esp_wifi_ap_wps_enable(const esp_wps_config_t *config)
 int esp_wifi_ap_wps_disable(void)
 {
     int ret = 0;
-    wifi_mode_t mode = WIFI_MODE_NULL;
+    struct wps_sm *sm = gWpsSm;
 
-    ret = esp_wifi_get_mode(&mode);
-    if (mode != WIFI_MODE_AP) {
+    if (sm && os_memcmp(sm->identity, WSC_ID_ENROLLEE, sm->identity_len) == 0) {
         return ESP_ERR_WIFI_MODE;
     }
 
@@ -230,8 +248,8 @@ int esp_wifi_ap_wps_start(const unsigned char *pin)
     wifi_mode_t mode = WIFI_MODE_NULL;
 
     esp_wifi_get_mode(&mode);
-    if (mode != WIFI_MODE_AP) {
-        wpa_printf(MSG_ERROR, "wps start: mode=%d is not AP", mode);
+    if (mode != WIFI_MODE_AP && mode != WIFI_MODE_APSTA) {
+        wpa_printf(MSG_ERROR, "wps start: mode=%d does not include AP", mode);
         return ESP_ERR_WIFI_MODE;
     }
 
diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_wpa2.c b/components/wpa_supplicant/esp_supplicant/src/esp_wpa2.c
index ba2feff645..a601800e62 100644
--- a/components/wpa_supplicant/esp_supplicant/src/esp_wpa2.c
+++ b/components/wpa_supplicant/esp_supplicant/src/esp_wpa2.c
@@ -827,6 +827,7 @@ esp_err_t esp_wifi_sta_wpa2_ent_enable(void)
 {
     wifi_wpa2_param_t param;
     esp_err_t ret;
+    struct wpa_sm *sm = &gWpaSm;
 
     wpa2_api_lock();
 
@@ -843,6 +844,7 @@ esp_err_t esp_wifi_sta_wpa2_ent_enable(void)
 
     if (ESP_OK == ret) {
         wpa2_set_state(WPA2_STATE_ENABLED);
+        sm->wpa_sm_wpa2_ent_disable = esp_wifi_sta_wpa2_ent_disable;
     } else {
         wpa_printf(MSG_ERROR, "failed to enable wpa2 ret=%d", ret);
     }
@@ -854,6 +856,7 @@ esp_err_t esp_wifi_sta_wpa2_ent_enable(void)
 
 esp_err_t esp_wifi_sta_wpa2_ent_disable_fn(void *param)
 {
+    struct wpa_sm *sm = &gWpaSm;
     wpa_printf(MSG_INFO, "WPA2 ENTERPRISE VERSION: [%s] disable\n", WPA2_VERSION);
     esp_wifi_unregister_wpa2_cb_internal();
 
@@ -865,6 +868,7 @@ esp_err_t esp_wifi_sta_wpa2_ent_disable_fn(void *param)
     eap_peer_unregister_methods();
 #endif
 
+    sm->wpa_sm_wpa2_ent_disable = NULL;
     return ESP_OK;
 }
 
diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_wpa_main.c b/components/wpa_supplicant/esp_supplicant/src/esp_wpa_main.c
index d26c9b8558..a93013ca62 100644
--- a/components/wpa_supplicant/esp_supplicant/src/esp_wpa_main.c
+++ b/components/wpa_supplicant/esp_supplicant/src/esp_wpa_main.c
@@ -182,7 +182,14 @@ void wpa_ap_get_peer_spp_msg(void *sm_data, bool *spp_cap, bool *spp_req)
 
 bool  wpa_deattach(void)
 {
-    esp_wifi_sta_wpa2_ent_disable();
+    struct wpa_sm *sm = &gWpaSm;
+    if (sm->wpa_sm_wpa2_ent_disable) {
+        sm->wpa_sm_wpa2_ent_disable();
+    }
+    if (sm->wpa_sm_wps_disable) {
+        sm->wpa_sm_wps_disable();
+    }
+
     wpa_sm_deinit();
     return true;
 }
diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_wps.c b/components/wpa_supplicant/esp_supplicant/src/esp_wps.c
index e6ba741d32..7d197495f5 100644
--- a/components/wpa_supplicant/esp_supplicant/src/esp_wps.c
+++ b/components/wpa_supplicant/esp_supplicant/src/esp_wps.c
@@ -1793,7 +1793,6 @@ int wps_post_block(uint32_t sig, void *arg)
 
 int wps_check_wifi_mode(void)
 {
-    bool sniffer = false;
     wifi_mode_t mode;
     int ret;
 
@@ -1803,18 +1802,12 @@ int wps_check_wifi_mode(void)
         return ESP_FAIL;
     }
 
-    ret = esp_wifi_get_promiscuous(&sniffer);
-    if (ESP_OK != ret) {
-        wpa_printf(MSG_ERROR, "wps check wifi mode: failed to get sniffer mode ret=%d", ret);
-        return ESP_FAIL;
-    }
-
     if (
 #ifdef CONFIG_ESP_WIFI_SOFTAP_SUPPORT
         mode == WIFI_MODE_AP ||
 #endif
-        mode == WIFI_MODE_NULL || sniffer == true) {
-        wpa_printf(MSG_ERROR, "wps check wifi mode: wrong wifi mode=%d sniffer=%d", mode, sniffer);
+        mode == WIFI_MODE_NULL) {
+        wpa_printf(MSG_ERROR, "wps check wifi mode: wrong wifi mode=%d ", mode);
         return ESP_ERR_WIFI_MODE;
     }
 
@@ -1823,7 +1816,13 @@ int wps_check_wifi_mode(void)
 
 int esp_wifi_wps_enable(const esp_wps_config_t *config)
 {
-    int ret;
+    int ret = ESP_OK;
+    struct wps_sm *sm = gWpsSm;
+
+    if (esp_wifi_get_user_init_flag_internal() == 0) {
+        wpa_printf(MSG_ERROR, "wps enable: wifi not started cannot disable wpsreg");
+        return ESP_ERR_WIFI_STATE;
+    }
 
     if (ESP_OK != wps_check_wifi_mode()) {
         return ESP_ERR_WIFI_MODE;
@@ -1831,9 +1830,14 @@ int esp_wifi_wps_enable(const esp_wps_config_t *config)
 
     API_MUTEX_TAKE();
     if (s_wps_enabled) {
+        if (sm && os_memcmp(sm->identity, WSC_ID_REGISTRAR, sm->identity_len) == 0) {
+            wpa_printf(MSG_ERROR, "wps enable: wpsreg already enabled cannot enable wps enrollee");
+            ret = ESP_ERR_WIFI_MODE;
+        } else {
+            wpa_printf(MSG_DEBUG, "wps enable: already enabled");
+        }
         API_MUTEX_GIVE();
-        wpa_printf(MSG_DEBUG, "wps enable: already enabled");
-        return ESP_OK;
+        return ret;
     }
 
 #ifdef USE_WPS_TASK
@@ -1864,6 +1868,7 @@ int esp_wifi_wps_enable(const esp_wps_config_t *config)
 int wifi_wps_enable_internal(const esp_wps_config_t *config)
 {
     int ret = 0;
+    struct wpa_sm *wpa_sm = &gWpaSm;
 
     wpa_printf(MSG_DEBUG, "ESP WPS crypto initialize!");
     if (config->wps_type == WPS_TYPE_DISABLE) {
@@ -1889,7 +1894,7 @@ int wifi_wps_enable_internal(const esp_wps_config_t *config)
         wps_set_status(WPS_STATUS_DISABLE);
         return ESP_FAIL;
     }
-
+    wpa_sm->wpa_sm_wps_disable = esp_wifi_wps_disable;
     return ESP_OK;
 }
 
@@ -1904,8 +1909,10 @@ int esp_wifi_wps_disable(void)
 {
     int ret = 0;
     int wps_status;
+    struct wps_sm *wps_sm = gWpsSm;
+    struct wpa_sm *wpa_sm = &gWpaSm;
 
-    if (ESP_OK != wps_check_wifi_mode()) {
+    if (wps_sm && os_memcmp(wps_sm->identity, WSC_ID_REGISTRAR, wps_sm->identity_len) == 0) {
         return ESP_ERR_WIFI_MODE;
     }
 
@@ -1944,6 +1951,7 @@ int esp_wifi_wps_disable(void)
     wps_task_deinit();
     s_wps_enabled = false;
     API_MUTEX_GIVE();
+    wpa_sm->wpa_sm_wps_disable = NULL;
     return ESP_OK;
 }
 
diff --git a/components/wpa_supplicant/src/rsn_supp/wpa_i.h b/components/wpa_supplicant/src/rsn_supp/wpa_i.h
index 79d8535701..1a2bb80afe 100644
--- a/components/wpa_supplicant/src/rsn_supp/wpa_i.h
+++ b/components/wpa_supplicant/src/rsn_supp/wpa_i.h
@@ -122,6 +122,8 @@ struct wpa_sm {
     u16 owe_group;
     struct wpabuf *owe_ie;
 #endif /* CONFIG_OWE_STA */
+    int (*wpa_sm_wps_disable)(void);
+    esp_err_t (*wpa_sm_wpa2_ent_disable)(void);
 };
 
 /**