Community Support Forums

[DannyL]

S2member won't restrict posts with exterior links that I used the "press this" function on wordpress. is there a way to restrict these posts?
Thanks

[Cristián Lávaque]

When you post them with Post This, are they being published under one of the protection methods provided by s2Member? Like, have you protected a category where those Post This posts are being published under?

[DannyL]

Thanks in advance & Yes they are

[Cristián Lávaque]

Ah ok. Could you show me a screenshot of how you configured the protection?

Also, have you made sure you were logged out of your admin account when you went to check if the posts were protected?

[DannyL]

Yes I did I checked from a non logged in browser

I am using a tabbed sidebar in suffusion theme. i think that is the problem

[DannyL]

Site URL http://www.ourlittlegardens.com/
No that didn't solve the problem
(I also have check the box on the page "gardening tips & Articles" for level 0 access and I checked on each individual post for level O access as well
Here is a screen shot of the configuration

Code: Select all

Post Level Access Restrictions ( optional )

Here you can specify Posts that are restricted to certain Membership Access Levels. s2Member also supports Custom Post Types here, which were first introduced in WordPress® 3.0. If you have a theme or plugin installed, that has enabled Custom Post Types ( i.e. Music/Videos or something else ), you can put the IDs for those Posts here.

*Note* Protecting individual Posts, ONLY protects the Permalinks for those Posts. It is still possible for excerpts of protected content to be seen in search results generated by WordPress®, feeds, and Archive views; such as your Home Page, inside a Category listing, or through other queries formulated by your theme. This is the intended functionality. Excerpts are a great way to "tease" public visitors. In other words, public visitors may have access to excerpts introduced by your theme, but any attempt to view the full Post ( i.e. the Permalink ) will result in an automatic redirect to your Membership Options Page; requiring registration. All of that being said, if you would like to protect many Posts at once ( including Archive views ), you can use Category Level Restrictions, Tag Level Restrictions, or have a look down below at s2Member's options for "Alternative View Protection", which deals with search results, as well as feeds.
Posts That Require Level #0 Or Higher:
152,77,189,187
Post IDs in comma-delimited format. Example: 1,2,3,34,8,21 — or you can type: all.
Posts That Require Level #1 Or Higher:

Post IDs in comma-delimited format. Example: 1,2,3,34,8,21 — or you can type: all.
Posts That Require Level #2 Or Higher:

Post IDs in comma-delimited format. Example: 1,2,3,34,8,21 — or you can type: all.
Posts That Require Level #3 Or Higher:

Post IDs in comma-delimited format. Example: 1,2,3,34,8,21 — or you can type: all.
Posts That Require Highest Level #4:

Post IDs in comma-delimited format. Example: 1,2,3,34,8,21 — or you can type: all.
-Page Access Restrictions
Page Level Access Restrictions ( optional )

Here you can specify Pages that are restricted to certain Membership Access Levels.
Pages That Require Level #0 Or Higher:
149,35
Page IDs in comma-delimited format. Example: 1,2,3,34,8,21 — or you can type: all.
Pages That Require Level #1 Or Higher:
137,253
Page IDs in comma-delimited format. Example: 1,2,3,34,8,21 — or you can type: all.
Pages That Require Level #2 Or Higher:

Page IDs in comma-delimited format. Example: 1,2,3,34,8,21 — or you can type: all.
Pages That Require Level #3 Or Higher:

Page IDs in comma-delimited format. Example: 1,2,3,34,8,21 — or you can type: all.
Pages That Require Highest Level #4:

Page IDs in comma-delimited format. Example: 1,2,3,34,8,21 — or you can type: all.
+Tag Access Restrictions
Tag Level Access Restrictions ( optional )

Here you can specify Tags that are restricted to certain Membership Access Levels. This is very similar to Category Level Access. When you restrict access to a Tag Archive, it also restricts access to any Post having that Tag; even if a Post has other Tags. *Tip* ... Tags can be applied to any Post, without affecting your Category structure at all. If you'd like to use Tags with Pages, get Page Tagger ( compatible with s2Member ).

Tags are caSe sensitive. The Tag members only is NOT the same as Members Only.
Tags That Require Level #0 Or Higher:

Tags in comma-delimited format. Example: free,subscribers only — or you can type: all.
Tags That Require Level #1 Or Higher:

Tags in comma-delimited format. Example: premium,members only — or you can type: all.
Tags That Require Level #2 Or Higher:

Tags in comma-delimited format. Example: premium,members only — or you can type: all.
Tags That Require Level #3 Or Higher:

Tags in comma-delimited format. Example: premium,members only — or you can type: all.
Tags That Require Highest Level #4:

Tags in comma-delimited format. Example: premium,members only — or you can type: all.
+Category Access Restrictions
Category Level Access Restrictions ( optional )

Here you can specify Categories that are restricted to certain Membership Access Levels. Category restrictions are a bit more complex. When you restrict access to a Category, it also restricts access to any child Categories it may have ( aka: sub-Categories ). In other words, restricting a Category protects a Category Archive, all of its child Category Archives, and any Posts contained within the Category, or its child Categories.
Categories That Require Level #0 Or Higher:

Category IDs in comma-delimited format. Example: 1,2,3,34,8,21 — or you can type: all.
Categories That Require Level #1 Or Higher:

Category IDs in comma-delimited format. Example: 1,2,3,34,8,21 — or you can type: all.
Categories That Require Level #2 Or Higher:

Category IDs in comma-delimited format. Example: 1,2,3,34,8,21 — or you can type: all.
Categories That Require Level #3 Or Higher:

Category IDs in comma-delimited format. Example: 1,2,3,34,8,21 — or you can type: all.
Categories That Require Highest Level #4:

Category IDs in comma-delimited format. Example: 1,2,3,34,8,21 — or you can type: all.
+URI Restrictions ( typical w/ BuddyPress )
URI Level Access Restrictions ( optional )

Here you can specify URIs ( or word fragments found in URIs ) that are restricted to certain Membership Access Levels. Control over URIs is a little more complex. This section is intended for advanced webmasters only. That being said, here are the basics... A REQUEST_URI, is the portion of the URL that comes after the domain. This is a URL http://www.example.com/path/to/file.php, and this is the URI: /path/to/file.php.

In the fields below, you can provide a list ( one per line ) of URIs on your site that should be off-limits based on Membership Level. You can also use word fragments instead of a full URI. If a word fragment is found anywhere in the URI, it will be protected. Wildcards and other regex patterns are not supported here, and therefore you don't need to escape special characters or anything. Please note, these ARE caSe sensitive. You must be specific with respect to case sensitivity. The word fragment some-path/ would NOT match a URI that contains some-Path/. A few Replacement Codes are also supported here.

*BuddyPress ( and similar )* URI Restrictions work great with plugins like BuddyPress that add new areas to your site ( where those new areas are NOT necessarily a Post/Page/Tag/Category ). In other words, anytime you'd like to protect a specific feature offered by BuddyPress ( or other plugins ), you'll need to nail down some word fragments found in the URIs associated with those areas. For instance, with BuddyPress you might have: [ click for example ].
URIs That Require Level #0 Or Higher:

URIs and/or word fragments found in URIs. One per line please.
URIs That Require Level #1 Or Higher:
/profile/ /messages/ /friends/ /groups/ /albums/ /chat/ /settings/ /forums/ /members/
URIs and/or word fragments found in URIs. One per line please.
URIs That Require Level #2 Or Higher:

URIs and/or word fragments found in URIs. One per line please.
URIs That Require Level #3 Or Higher:

URIs and/or word fragments found in URIs. One per line please.
URIs That Require Highest Level #4:

URIs and/or word fragments found in URIs. One per line please.
+Alternative View Protection ( please read )
Alternative View Protection ( optional / experimental )

s2Member protects Categories, Tags, Posts, Pages, Files, URIs & more. BUT, even with all of those security restrictions, it's still possible for protected content excerpts to be seen through XML feeds, in search results generated by WordPress®; and/or ( depending on your theme ), possibly in other Archive views; which might include: Posts by Author, Posts by Date, a list of featured items formulated by your theme, OR even through other widgets/plugins adding functionality to your site. ~ We refer to all of these collectively, as "Alternative Views".

Using the options below, you can tell s2Member to protect some ( or all ) of these "Alternative Views", by filtering WordPress® database queries for you. s2Member can automatically hide protected content that is NOT available to the current User/Member. In other words, s2Member is capable of pre-filtering ALL database queries, so that excerpts of protected content will not be allowed to slip through. This is marked "experimental", because we're still testing this against MANY widget/plugin/theme combinations. Please report all bugs.
Protect Alternative Views?

Attn Developers: Filters can be suppressed dynamically, using this technique:
query_posts(" ... &suppress_filters=true");
+Specific Post/Page Access Restrictions
Specific Post/Page Access Restrictions ( optional )

s2Member now supports an additional layer of functionality ( very powerful ), which allows you to sell access to specific Posts/Pages that you've created in WordPress®. Specific Post/Page Access works independently from Member Level Access. That is, you can sell an unlimited number of Posts/Pages using "Buy Now" Buttons, and your Customers will NOT be required to have a Membership Account with your site in order to receive access. If they are already a Member, that's fine, but they won't need to be.

In other words, Customers will NOT need to login, just to receive access to the Specific Post/Page they purchased access to. s2Member will immediately redirect the Customer to the Specific Post/Page after checkout is completed successfully. An email is also sent to the Customer with a link ( see: s2Member -> PayPal® Options -> Specific Post/Page Email ). Authentication is handled automatically through self-expiring links, good for 72 hours by default.

Specific Post/Page Access, is sort of like selling a product. Only, instead of shipping anything to the Customer, you just give them access to a specific Post/Page on your site; one that you created in WordPress®. A Specific Post/Page that is protected by s2Member, might contain a download link for your eBook, access to file & music downloads, access to additional support services, and the list goes on and on. The possibilities with this are endless; as long as your digital product can be delivered through access to a WordPress® Post/Page that you've created.

Very simple. All you do is protect the Specific Post/Page IDs that are being sold on your site. Then, you can go to s2Member -> PayPal® Buttons -> Specific Post/Page to generate "Buy Now" Buttons that you can insert into your WordPress® Editor, and make available on your site. The Button Generator for s2Member, will even let you Package Additional Posts/Pages together into one transaction.
Specific Post/Page IDs Being Sold On Your Site:

Post/Page IDs in comma-delimited format. Example: 1,2,3,34,8,21 * Note... the word all does NOT work here. Also, please be careful not to create a conflict with other Access Restrictions. If you are going to sell Specific Post/Page Access, you should enter specific Post/Page IDs here; and make SURE that you've NOT already protected any of these Posts/Pages with Member Level Access Restrictions. In other words, if you configure s2Member, in such as a way, that a Post/Page requires Membership Level Access, you cannot sell that same Post/Page through Specific Post/Page Access. Doing so, would create a conflict. Customers that purchased Specific Post/Page Access, would be unable to access the Post/Page - without also having a Membership. Not good. So be careful with this.
+Brute Force IP/Login Restrictions
Brute Force IP/Login Restrictions ( prevents username/password guessing )

As with any Membership system, it is possible for someone to try and guess Username/Password combinations by attempting a Brute Force Attack; whereby multiple/repeated logins are strategically attempted with various Username/Password combinations until a correct guess is made. It is NOT likely that you'll be attacked in this way, but it's still a good idea to protect your system; just in case somebody tries this. s2Member thwarts this behavior by monitoring failed login attempts that occur within a short period of time. Whenever s2Member detects an IP address ( i.e. a remote user ) that is consistently failing to enter a valid Username/Password, a temporary ban is created; preventing additional attempts from taking place for 30 minutes. This temporary ban, will ONLY affect the offending IP address.

*Note* an empty IP address ( associated with someone browsing anonymously ), is also considered a unique IP address, so it cannot circumvent s2Member's security.
Maximum Failed Login Attempts:

When/if you change this, you should also Reset Brute Force Logs ( click button above ).

The default period of "30 minutes" could be modified through this WordPress® Filter:
ws_plugin__s2member_track_failed_logins__exp_time
+Unique IP Access Restrictions
Unique IP Access Restrictions ( prevents username/link sharing )

As with any Membership system, it is possible for one Member to signup, and then share their Username with someone else; or even post it online for the whole world to see. This is known as Link Sharing ( aka: Username Sharing ). It is NOT likely that you'll be attacked in this way, but it's still a good idea to protect your system; just in case somebody tries this. s2Member's IP Restrictions work for Membership Level Access ( account logins ), Specific Post/Page Access, Registration Links, and other secure Entry Points. In all cases, the rules are simple. A single Username, Access Link, and/or Entry Point ... is only valid for a certain number of unique IP addresses. Once that limit is reached, s2Member assumes there has been a security breach. At that time, s2Member will place a temporary ban ( preventing access ) to a Specific Post/Page, or to an account associated with a particular Username. This temporary ban, will ONLY affect the offending Link and/or Username associated with the security breach. You can fine-tune this behavior, using the options below.

*Note* an empty IP address ( associated with someone browsing anonymously ), is also considered a unique IP address, so it cannot circumvent s2Member's security.
Maximum Unique IP Addresses Allowed:

The default period of "30 days" could be modified through this WordPress® Filter:
ws_plugin__s2member_ip_restrictions__concurrency_time_per_ip
Security Breach Timeout Period:

When/if you change this, you should also Reset IP Restriction Logs ( click button above ).
+Member Profile Modifications
Giving Members The Ability To Modify Their Profile

s2Member can be configured to redirect Members away from the default Profile Editing Panel that is built into WordPress®. When/if a Member attempts to access the default Profile Editing Panel, they'll instead, be redirected to the Login Welcome Page that you've configured through s2Member. Why would I redirect? Unless you've made some drastic modifications to your WordPress® installation, the default Profile Editing Panel that ships with WordPress®, is NOT really suited for public access, even by a Member.

So instead of using this default Profile Editing Panel; s2Member creates an added layer of functionality, on top of WordPress®. It does this by providing you ( as the site owner ), with a special Shortcode: [s2Member-Profile /] that you can place into your Login Welcome Page, or any Post/Page for that matter ( even into a Text Widget ). This Shortcode produces an Inline Profile Editing Form that supports all aspects of s2Member, including Password changes; and any Custom Registration/Profile Fields that you've configured with s2Member.

Alternatively, s2Member also gives you the ability to send your Members to a special Stand-Alone version. This Stand-Alone version has been designed ( with a bare-bones format ), intentionally. This makes it possible for you to open it up in a popup window, or embed it into your Login Welcome Page using an IFRAME. Code samples are provided below.
Redirect Members away from the Default Profile Panel?

Recommended setting ( Yes ). *Note* When this is set to ( Yes ), s2Member will take an initiative to further safeguard ALL /wp-admin/ areas of your installation; not just the Default Profile Panel. Also, starting with WordPress® 3.1+, setting this to ( Yes ) tells s2Member to dynamically modify links/titles in the new Admin Bar that can be enabled on WordPress® 3.1+. s2Member will force links to your Login Welcome Page instead of the Default Profile Panel; and Dashboard links are removed for non-Admin accounts ( as they should be ).

Shortcode: for an Inline Profile Modification Form:

Stand-Alone / Code Sample ( standard link tag ):

Stand-Alone / Code Sample ( open the link in a popup window ):

<a href="#" onclick="window.open('http://www.ourlittlegardens.com/?s2member_profile=1', '_popup', 'height=350,width=400,left=100,screenX=100,top=100,screenY=100,location=0,menubar=0,toolbar=0,status=0,scrollbars=1,resizable=1'); return false;">Modify Profile</a>"

Stand-Alone / Code Sample ( embed the Form with an IFRAME tag ):

+Deactivation Safeguards
Deactivation Safeguards ( optional, recommended )

By default, s2Member will cleanup ( erase ) all of it's Roles, Capabilities, and your Configuration Options when/if you deactivate it from the Plugins Menu in WordPress®. If you would like to Safeguard all of this information, in case s2Member is deactivated inadvertently, please choose Yes ( safeguard all s2Member data/options ).
Safeguard s2Member Data/Options?

Recommended setting: ( Yes, safeguard all data/options )

   
.
.
.
.
.

[DannyL]

I even tried restricting the category - 11 and that didn't work either

Thanks

[Cristián Lávaque]

OK. So you protected category ID 11, where your Post This posts went, and they weren't protected?

Did you open the new post specifically or did you see it listed in the homepage's latest posts? If the latter, you may need to take a look at WP Admin -> s2Member -> General Options -> Alternative View Protection.

[Jason Caldwell]

Hi Danny. I just contacted you via email.

S2member won't restrict posts with exterior links that I used the "press this" function on wordpress. is there a way to restrict these posts? ~Thanks

I'd like to start by going through your original bug report again. Can you please explain in a little more detail how you are protecting Posts you create with the PressThis Bookmarklet? I thought I read in an earlier forum post that you were protecting Posts with Category Restrictions?

FYI: s2Member's Meta Box drop-down menu does not appear in the PressThis window. So if you intend to use ONLY PressThis to publish Posts, you'll need to add each of your Posts to a protected Category, or add a protected Tag to each of these Posts. From your configuration, it appears that you're not currently protecting any Categories or Tags, is that correct?

[DannyL]

HI Jason, Thanks for the email & thanks for looking at my questions, just wanted to say I really like S2member! Haven't had any issues other than this one. To go into more detail I created a blog page using static pages on the reading settings in wordpress as the blog page. then I restricted that page to level 0. Then I did the press this & after doing so went into the post itself and set the restriction to 0.
when I am logged out I am able to click on blog on the nav bar and it takes me to the page. When I click on the title of the post I get re-directed to the membership options page. When I click on the link it takes me to the link. The settings of my screen-shot on my previous post didn't show up for some reason. after that I tried category restriction as well but same results.

Thanks in advance!

[Jason Caldwell]

Hi Danny. Thanks for reporting back on this.
~ much appreciated!

I decided to go ahead and do a video discussing some of the gotchyas related to content protection with s2Member. Please take a look at this thread, where I've posted the video.

After watching the video, I think you'll be able to resolve the issue you're having. However, if this problem continues, please write me back OK, and we'll take a closer look for you.
Thanks for your patience.

[DannyL]

Thanks Jason I gotta say I really appreciate your prompt attention. It renews my faith in business people...
Problem Solved! See we can make money and help each other as opposed to the way things have been done lately (Our Little Gardens is a model for that philosophy BTW)
I have been meaning to watch Zeitgeist but kept putting it off and just checked out the beginning, I will have to make time to watch this now & I will be upgrading to S2member pro shortly.

Thanks again and keep up the great work!

[Jason Caldwell]

Thanks for the kudos Danny.
~ much appreciated!