WordPress Membership Plugins?

1st April 2008

posted in Strategies |

While I’m wrapped with using WordPress as a publishing platform, I DO want to take things a step or two further, and right now, I want to include a membership section on a web site. That means HIDING my WordPress pages and posts from the public, and showing them only to paying “members”.

You’d think that would be a very simple thing to do with WordPress - just grab another plugin, and voila! Instant membership section.

Not so… but please - anyone - correct me if I am wrong!

UPDATE OCTOBER 2008

I’ve just discovered a new WordPress Membership Plugin that IS exactly what I’ve been looking for, AND it’s within my budget! Check out WPWishList Member today or read my post on this new wordpress membership plugin for more details.

Original post continued…

Oh… and a warning! This is a long post and does get a tad technical at times

So… off to Google to do the search for “WordPress membership plugin” and I discover a minefield of information - as expected.

What wasn’t expected was the repeated references to a plugin that used to be available free, which was upgraded to commercial, and now seems to be not supported at all. This one seemed to have all the answers, including integration with PayPal. And it appeared everywhere! But sadly seems to be available no more.

Most of the other WordPress “membership” plugins I found seem to:
1. use WordPress user registration routines
2. limit visibility of posts to signed in members
and that’s about all… and they require you to “do” something to posts that you don’t want shown…

I also found some very expensive “membership” software that could “plug-in” to PayPal and WordPress… but way out of my budget.

Oh well… back to the drawing board, and deciding WHAT I actually wanted to “do” with the “members” section. So I got to thinking… do I really NEED to have people “log in” to WordPress just so they could read the posts in the first place?

Most likely not!

How about setting up the member area in a different folder which is protected by .htaccess security instead?

That process is CERTAINLY a lot simpler to do and there are HEAPS of free or low cost user management programs available which can manage the registration of users, and look after the .htacess and .htpasswd files needed to protect the member’s folder.

So, assuming the members folder on your web site is called “members” - e.g. yourdomain.com/members/ - here’s the process:

install the .htaccess user management script of your choice, and point it to the /members/ folder to do it’s stuff! It should generate all the necessary files (.htacess and .htpasswd) in that folder.

Don’t forget to register yourself with a username and password so you can try out the member login system later on.

I have tested the free Locked Area cgi script on a new site, and it was pretty simple to install and configure (do READ and follow the instructions), and so far it works perfectly, so I am happy to suggest that as a free, and relatively hassle-free, option you can use.

It includes sending double opt-in, notification emails to new members - something that’s almost essential today - and allows you to edit the various templates used.

If there is ONE warning I must leave you with… only edit the template and config files from within the admin section. Don’t try to do them locally and FTP them… it doesn’t want to play properly if you do that.

I had practically no problems trying to use Locked Area so I could write this process and review. It is a fine, free option to set up a secure member’s area!

However, it will NOT be the program I end up using in the end, and that’s because as my hosting provider has some special “stuff” that does “membership” and lots more (auto-responder, the PayPal integration etc) which I will be using my the final membership product.

AND… it’s all included with great hosting for under $20 a month!

The key thing to whatever script you use with the process described on this page is to make sure that it works on .htaccess files - and not php authentication which could interfere with WordPress. That’s why I chose a cgi-script.

So… once you’ve installed and configured your user management script, then…
Install WordPress to operate in it’s OWN directory on your site/sub domain - suggest using wp as the name of that directory - i.e. yourdomain.com/wp/
From within WordPress admin - Options/General - your Blog Address or URL should point to your members folder - i.e. yourdomain.com/members/
Your /members/ folder needs to have these two files in it:
- the .htacess file (created by Locked Area in step 1) and
- the index.php file to talk to WordPress

COPY index.php over from the /wp/ folder to the /members/ - you WILL need to use an FTP program to do this.

Now - in that index.php file is a line:
require(’./wp-blog-header.php’);
CHANGE that line to point to your wp folder. It should read
require(’../wp/wp-blog-header.php’);
where the /wp/ bit refers to the directory in step one above.
go to Options/Permalinks and Update Permalinks to make the necessary WordPress additions to the .htaccess file in the /members/ directory

And that’s it.

Time to test it out!

If you try to log in to the member’s directory, you should get the standard pop-up login box asking for username and password.

Once that’s entered, you should see a normal WordPress site with your “member only” content.

If you see only errors, check the “require” path in the /members/index.php file! If necessary, change it to the full server path for your web server - i.e.
/home/yourusername/public_html/wp/wp-blog-header.php
and see if that fixes it!

Another good thing about this is that your Member RSS Feed is STILL publicly available - NO login is required to receive it. So, depending on whether you have selected to publish the summary or full text of your Syndication Feeds (from within the WordPress Admin Options/Reading section)

I’d suggest you select the summary RSS feed so that the full article is ONLY available to people who click through to the site, which then forces them to log-in and keeps ‘em honest! And those members who do cancel, cannot keep getting your good stuff for nothing!

Oh… to add PayPal into the mix - from your “sales page” which is promoting your membership… using the encrypted button format, send people to PayPal to make the payment, and then RETURN them to the User Registration url for your Locked Area installation.

Sidebar: While you CAN send members email from with Locked Area admin, it would be better if you could ALSO tie in an auto-responder service into the signup sequence (which is what my hosting provider also includes in the $20 a month package!).

Wanna see it in action?

Go here:
http://members.onlinemarketingfundamentals.com/

You’ll see the (very) draft version of a brand new membership site I am working on.

I actually ALSO put the .htacess file (with ONLY the WP stuff in it) and index.php - this time changing it to
require(’./wp/wp-blog-header.php’);
- into the root directory, so the home page of my “member” directory can be viewed by the public.

You can see what’s there, and even carry out a search… you just can’t click on any of the links to the posts without being a registered member.

By the way…. it’s not a bad way of letting people “preview” a membership site created with WordsPress either

IF you ALSO want to allow your “members” to “do” things within WordPress itself? Then they have access to the “normal” register for WordPress link from a page INSIDE the restricted area… and there (maybe) is where you might use those other WordPress “membership” plugins.

Oh… I almost forgot - I added another line to my /members/.htaccess file:
ErrorDocument 401 /401.html

What THIS line does (depending on the web browser software) is send failed login attempts to a special reminder screen. It’s a great way to use the server’s error checking mechanism to look for any authentication errors, and makes life a little easier for your members who can’t remember their stuff! Here’s the URL to see the page in question (and deliberately NOT clickable for SEO reasons):
http://members.onlinemarketingfundamentals.com/401.html

So that’s it - please let me know your thoughts on this by using the comment form below.

Popularity: 100% [?]

This entry was posted on Tuesday, April 1st, 2008 at 4:51 pm and is filed under Strategies. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

1 On April 1st, 2008, Using WordPress As A Membership Site said:

[…] taken me about three full days to research and test this concept, so get all the juice on how to set up a WordPress membership site here, including a working […]

2 On May 15th, 2008, Liz said:

Thanks for the great info!! I have been working on a similar project and you really helped me figure out what I was thinking. Just couldn’t figure out how to set it up. What host are you using? That could be some of my problem with getting it to work for me.

Liz
YourRealEstateClub.com

3 On May 15th, 2008, Stephen Spry said:

Hi Liz

My hosting provider is linked to in the post above but here’s the full link for you.
http://www.netmarketingtoolbox.com/recommends/UMC

Just to let you know, I’ve also sent you a personal reply after having a good look at your site.

I think you’re right… your choice of hosting company is presenting a barrier (or two) to achieving what you want to do

Cheers
Stephen

4 On June 27th, 2008, Robert said:

Your information looks like it would be fairly easy to do, I’ve used another membership plug-in for WordPress for an old site of mine, but now I’ve got a new site and my key does not work… the bad part is it’s been three days now and I’ve emailed them and sent them a message from their contact page… and nothing.

I’m may give you method a try if I don’t get a response from them in another day or two tops. I will differently use your method on my next membership site… I want to have 10 in all.

5 On July 1st, 2008, Sunday said:

Hi, Thanks for this info.
can you explain how i can make some content free to the public.

6 On July 1st, 2008, Stephen Spry said:

Hi Sunday

“Some” content free to the public, and the rest not?

Solution? Two blogs on the same site in different directories - the member one in a “member” directory protected by the .htaccess script - the public one at the root level. Suggest you use the same theme and plugins on both to make management easier, and hard code some of the “cross-links” between them into the theme, perhaps in the header nav or sidebar.

If you don’t want to do that, you’ve probably got to go down the password protected post, or membership plugin paths… neither of which are really suitable for a site with a LOT of content.

7 On July 1st, 2008, Stephen Spry said:

I just had another thought - I haven’t done it, but it MIGHT be possible if you have pretty permalinks set up properly.

Create a “members” category in Wordpress. The URL would be:
yourdomain.com/category/members/

Now - actually create a new folder on your server in the public_html directory called “category”, and within that folder, create another new folder called “members”.

Now… within THAT real member’s folder on your server… put the .htaccess stuff!

That way, all your post titles etc for the “members” will show in the public site (as they are generated by WP) - but they can’t actually click through to anything in that “folder” without a password!

Seriously, I don’t know if it will work, but you could give it try and let us all know!

Cheers
Stephen

8 On July 1st, 2008, Stephen Spry said:

Errr… nope. Sorry - at first try, that doesn’t work - not without a bit of fiddling… Maybe with some changes to the rewrite rules it might succeed, but that is beyond me

9 On July 4th, 2008, Sunday said:

Stephen,

Thanks for your response and assistant.

Some content will be view by the public and others for members only.
Please can you put a post like a tutorial for those of us who are novice when it comes to coding and all the stuff relating to wordpress.

With regard to first advise you gave, wouldn’t it means loging in to 2 directory to make post?

Cheers
Sunday

10 On July 4th, 2008, Stephen Spry said:

Re the first idea - two identical blogs - yes it would require logging in to the second blog to make a post into the member area.

I’m going to have more of a fiddle with this idea shortly (when I get some time) so I’ll post the results here.

11 On July 5th, 2008, Sunday said:

Hi Stephen,

Thanks.
Am looking at situation where it require the administrator to logging in once and can make post for both member and the public.

I will keep watch on this blog for possible solution.

Have a nice weekend

Sunday

12 On July 8th, 2008, Tim Nash said:

While I know you have done the searching, but I thought I would throw Your Members Wordpress Members Plugin it is a commercial product so might not be to everyone taste but was born out of similar frustration to your own. the big advantage being its very very flexible membership management both in terms of number of account types you can have, but also each account can have unlimited number of subscription types (dates and costs) plus pay per post.

Sorry end of plug what I meant to say was Good Luck and regarding RSS Feeds we use HTTP Authenticated feeds but are looking at token based similar you might think to do likewise from our testing users who have paid are expecting to be able to see full feeds.

13 On July 8th, 2008, Stephen Spry said:

Hi Tim

No problems with the plug - seems like I should have a “review” copy of the plugin so I can report on it hint! hint!

Cheers
Stephen

14 On July 8th, 2008, Tim Nash said:

Drop me a line, while I have no more review copies at the moment handed the last copy out this morning, I will add your name to the list for the next round.

15 On August 1st, 2008, Tim said:

Great little tutorial, thanks.

Something I don’t understand, at the end you say:
“I actually ALSO put the .htacess file (with ONLY the WP stuff in it) and index.php - this time changing it to
require(’./wp/wp-blog-header.php’);
- into the root directory, so the home page of my “member” directory can be viewed by the public.”

If you do that, what is actually in the protected directory? we only had the index.php and .htaccess in there anyway, so if you put those in the root directory, there would be nothig left in the protected one? or am I missing something (not unusual)..

16 On August 1st, 2008, Stephen Spry said:

Hi Tim

I don’t know why I didn’t do this before:)

But…

I’ll actually do another post very soon which explains every file needed and where they all go - complete with all the code you’ll ever need to do this - direct from the live example!

So if you subscribed to these comments, or to our main site feed, you’ll know when it appears.

Stephen

17 On August 1st, 2008, Tim said:

That would be great.

I’ve got my index.php in both the wp and the private directory, but when you browse to the one in the wp directory (i.e the unsecured one) it does display the header and sidebar etc ok, but the front page, which is a static page, does not display.

Also the RSS feed seems to want a username/password to burn it in Feedburner, even just to display it.

Tim

18 On August 1st, 2008, Stephen Spry said:

OK - as promised… here’s even more detail on this process - complete with all the code you’ll need to set it up exactly as I have done.

Just visit this new post :
Wordpress, .htaccess and membership sites

COMMENTS ARE NOW CLOSED ON THIS POST

Please add any new comments to the follow up post.

19 On December 13th, 2008, Wordpress Membership Plugin said:

[…] New Media Services - Home of Your Member I’ve also just found some info here on other plugins: WordPress Membership Plugins? Internet Marketing Toolbox I heard awhile back that fellow warrior Josh Anderson was developing a WP membership plugin, but I […]

Internet Marketing Toolbox