Community Support Forums

Hi. I just installed s2Member Pro and I have been having a few problems with the formatting and redirection. When I look on the welcome page that I am in the process of setting up, there are no graphics on the page and even when I enclose the short code in <div> tags, I can't get the input form fields to adjust their width. I checked to see if this was a theme issue and it seems that it isn't because I have the same problem on the default theme.

Can someone help?

Also, in testing the redirect, I get a redirect to an SSL version of my homepage, which doesn't exist. Is there any way to get the redirect to go to a non-SSL version of my site or to get SSL on the front end for members? Many thanks in advance.

Edward

Using latest plugin versions with WordPress 3.31

I have figured out the answer to half my question already. I was viewing the page in a non-SSL format and that's why it wasn't coming out right.

I am now working on the second part.

What do you mean by a redirect to an SSL version of the homepage? Does this happen after submitting the pro-form?

Do you have an SSL certificate? Could you post a link to the page you're working on?

Do you have other plugins that deal with HTTPS/SSL?

Thanks!

Cristián,

Thanks for the reply. I am really excited about this plugin. It is so well documented and easy to setup.

As to my configuration, I do have an SSL certificate and use FORCE_SSL_ADMIN but leave the front in non-SSL. I also have no plugins which force HTTPS/SSL, although I do use Wordpress SEO by Joost de Valk which can actually do so. Let me know if this is a problem.

What happens is that the ?s2member_paypal_return=1 uri comes from a backend SSL page and attempts to return me to a frontend SSL page: https://www.creditwritedowns.com. What I would prefer is to have it return me to a non-SSL frontend page like http://www.creditwritedowns.com so that I can have all readers using the same canonical pages.

I hope that makes sense since I am not a programmer but a finance guy and I may be unclear.

By the way, while we're at it, maybe you could help me because the lone SSL frontend page is the members page and I want to have all others be non-SSL for SEO purposes. is there a way to use .htaccess or some other way to force admin pages SSL and force every page except the one member page non-SSL?

Hi edwardnh,

I'm using a similar SSL setup on my site (SSL for WP Admin pages, but non-SSL for the front-end pages, except for my s2Member checkout page and the Login Welcome Page).

A Quick Primer on How Browsers Handle Links (SSL/non-SSL)

One thing to keep in mind about how web pages and links work: When a page is loaded with SSL, the base URL starts with https://example.com. Now any relative links on that web page will automatically use that base URL.

So, if you have a link on the page like this: <a href="/contact/">Contact</a>, your web browser will take whatever base URL is in your browser (e.g., https://example.com) and prepend that to the relative links in the HTML of the page to create a complete link (in this case, https://example.com/contact/).

Now, if the link on that page was written as <a href="http://example.com/contact/">Contact</a>, then even if you accessed the page with https://example.com, that link would still be set to http://example.com/contact/.

With me so far?

Now here's the thing about relative links: they're used everywhere. It's actually considered best-practice to use relative links. If you decide to move your site to another domain name, it would be a royal pain if you had hard-coded all the links instead of using relative links.

So, you'll find relative links everywhere. This means that without doing some crazy rewriting of the HTML to force all links to be full links using non-SSL, you're not going to be able to prevent users from accessing SSL links.

If you use SSL on the Membership Options Page, for example, and a user then clicks on the About Page link, he's going to end up at the SSL version of the About page. As I explained above, the only way to avoid this is to make sure all your links contain the full URL instead of using relative URLs (WordPress themes use the relative links by default.)

Once my users login, they end up at an SSL page and unless they click on a hard-coded link somewhere, they end up browsing my site using SSL (it's good practice to protect login sessions using SSL anyway).

However, non-logged in users typically never see an SSL page because the home page and all my other pages do not force SSL. Only when they go to my checkout page or login do they hit an SSL URL.

Redirecting to non-SSL home page after checkout

Regarding what happens after a user makes a payment: With s2Member Pro, you can add the success= shortcode attribute to your buttons to control where s2Member sends the user after checkout:

success="" Success Return URL ( optional ). s2Member handles this automatically for you. However, if you would prefer to take control over the landing page after checkout ( i.e. your own custom Thank-You Page ), you can. If supplied, this must be a full URL, starting with http://. Note, s2Member will NOT use this value if an existing account holder is being modified. s2Member handles account updates ( i.e. billing modification ) in a more dynamic way. Your Success Return URL is only applied to (new) Customers.

You can use the success= attribute to send people directly to the non-SSL version of your homepage.

Does that make sense?

I am really excited about this plugin. It is so well documented and easy to setup.

Thanks for the kudos!

Raam,

That makes a lot of sense. It is good for someone like me to get the logic behind why something works or doesn't work and what you're saying makes me think that not only should I not care if logged in users use SSL on the front end, it might even be better that way fro a security standpoint.

I had used up a lot of time trying to get htaacess rules to finesse this one but I am going to let it be. many thanks and I look forward to coming here for the forum often.

Edward

P.S. - I also now use Quick Cache from Primo after a couple of years on W3 Total Cache. I am very impressed. Cheers.

Glad I could help, Edward! Let us know if you have any other questions.

Raam,

I have revisited the original error on a test site I have and have identified definitively what the major culprit is. It was a plugin called Better WP Security (http://wordpress.org/extend/plugins/better-wp-security/). When I deactivated this plugin, I no longer had the problems. If you can tell me why you think there is a conflict I can submit a bug report to Better WP Security's developer.

Cheers.

Edward

Hi Edward,

Thank you for reporting the plugin that was causing a conflict!