WordPress Membership Plugins?
While I’m wrapped with using WordPress as a publishing platform, I DO want to take things a step or two further, and right now, I want to include a membership section on a web site. That means HIDING my WordPress pages and posts from the public, and showing them only to paying “members”.
You’d think that would be a very simple thing to do with WordPress - just grab another plugin, and voila! Instant membership section.
Not so… but please - anyone - correct me if I am wrong!
Oh… and a warning! This is a long post and does get a tad technical at times 
So… off to Google to do the search for “WordPress membership plugin” and I discover a minefield of information - as expected.
What wasn’t expected was the repeated references to a plugin that used to be available free, which was upgraded to commercial, and now seems to be not supported at all. This one seemed to have all the answers, including integration with PayPal. And it appeared everywhere! But sadly seems to be available no more.
Most of the other WordPress “membership” plugins I found seem to:
1. use WordPress user registration routines
2. limit visibility of posts to signed in members
and that’s about all… and they require you to “do” something to posts that you don’t want shown…
I also found some very expensive “membership” software that could “plug-in” to PayPal and WordPress… but way out of my budget.
Oh well… back to the drawing board, and deciding WHAT I actually wanted to “do” with the “members” section. So I got to thinking… do I really NEED to have people “log in” to WordPress just so they could read the posts in the first place?
Most likely not!
How about setting up the member area in a different folder which is protected by .htaccess security instead?
That process is CERTAINLY a lot simpler to do and there are HEAPS of free or low cost user management programs available which can manage the registration of users, and look after the .htacess and .htpasswd files needed to protect the member’s folder.
So, assuming the members folder on your web site is called “members” - e.g. yourdomain.com/members/ - here’s the process:
- install the .htaccess user management script of your choice, and point it to the /members/ folder to do it’s stuff! It should generate all the necessary files (.htacess and .htpasswd) in that folder.
Don’t forget to register yourself with a username and password so you can try out the member login system later on.
I have tested the free Locked Area cgi script on a new site, and it was pretty simple to install and configure (do READ and follow the instructions), and so far it works perfectly, so I am happy to suggest that as a free, and relatively hassle-free, option you can use.
It includes sending double opt-in, notification emails to new members - something that’s almost essential today - and allows you to edit the various templates used.
If there is ONE warning I must leave you with… only edit the template and config files from within the admin section. Don’t try to do them locally and FTP them… it doesn’t want to play properly if you do that.
I had practically no problems trying to use Locked Area so I could write this process and review. It is a fine, free option to set up a secure member’s area!
However, it will NOT be the program I end up using in the end, and that’s because as my hosting provider has some special “stuff” that does “membership” and lots more (auto-responder, the PayPal integration etc) which I will be using my the final membership product.
AND… it’s all included with great hosting for under $20 a month!
The key thing to whatever script you use with the process described on this page is to make sure that it works on .htaccess files - and not php authentication which could interfere with WordPress. That’s why I chose a cgi-script.
So… once you’ve installed and configured your user management script, then…
- Install WordPress to operate in it’s OWN directory on your site/sub domain - suggest using wp as the name of that directory - i.e. yourdomain.com/wp/
- From within WordPress admin - Options/General - your Blog Address or URL should point to your members folder - i.e. yourdomain.com/members/
- Your /members/ folder needs to have these two files in it:
- the .htacess file (created by Locked Area in step 1) and
- the index.php file to talk to WordPressCOPY index.php over from the /wp/ folder to the /members/ - you WILL need to use an FTP program to do this.
Now - in that index.php file is a line:
require(’./wp-blog-header.php’);
CHANGE that line to point to your wp folder. It should read
require(’../wp/wp-blog-header.php’);
where the /wp/ bit refers to the directory in step one above. - go to Options/Permalinks and Update Permalinks to make the necessary WordPress additions to the .htaccess file in the /members/ directory
And that’s it.
Time to test it out!
If you try to log in to the member’s directory, you should get the standard pop-up login box asking for username and password.
Once that’s entered, you should see a normal WordPress site with your “member only” content.
If you see only errors, check the “require” path in the /members/index.php file! If necessary, change it to the full server path for your web server - i.e.
/home/yourusername/public_html/wp/wp-blog-header.php
and see if that fixes it!
Another good thing about this is that your Member RSS Feed is STILL publicly available - NO login is required to receive it. So, depending on whether you have selected to publish the summary or full text of your Syndication Feeds (from within the WordPress Admin Options/Reading section)
I’d suggest you select the summary RSS feed so that the full article is ONLY available to people who click through to the site, which then forces them to log-in and keeps ‘em honest! And those members who do cancel, cannot keep getting your good stuff for nothing!
Oh… to add PayPal into the mix - from your “sales page” which is promoting your membership… using the encrypted button format, send people to PayPal to make the payment, and then RETURN them to the User Registration url for your Locked Area installation.
Sidebar: While you CAN send members email from with Locked Area admin, it would be better if you could ALSO tie in an auto-responder service into the signup sequence (which is what my hosting provider also includes in the $20 a month package!).
Wanna see it in action?
Go here:
http://members.onlinemarketingfundamentals.com/
You’ll see the (very) draft version of a brand new membership site I am working on.
I actually ALSO put the .htacess file (with ONLY the WP stuff in it) and index.php - this time changing it to
require(’./wp/wp-blog-header.php’);
- into the root directory, so the home page of my “member” directory can be viewed by the public.
You can see what’s there, and even carry out a search… you just can’t click on any of the links to the posts without being a registered member.
By the way…. it’s not a bad way of letting people “preview” a membership site created with WordsPress either
IF you ALSO want to allow your “members” to “do” things within WordPress itself? Then they have access to the “normal” register for WordPress link from a page INSIDE the restricted area… and there (maybe) is where you might use those other WordPress “membership” plugins.
Oh… I almost forgot - I added another line to my /members/.htaccess file:
ErrorDocument 401 /401.html
What THIS line does (depending on the web browser software) is send failed login attempts to a special reminder screen. It’s a great way to use the server’s error checking mechanism to look for any authentication errors, and makes life a little easier for your members who can’t remember their stuff! Here’s the URL to see the page in question (and deliberately NOT clickable for SEO reasons):
http://members.onlinemarketingfundamentals.com/401.html
So that’s it - please let me know your thoughts on this by using the comment form below.
Tags: .htaccess security membership sites wordpress membership pluginPopularity: 64% [?]
