latest stable versions: v140921 (changelog)

s2Member® Security Badges

s2Member®

[s2Member-Security-Badge v="1" /]

s2Member®

[s2Member-Security-Badge v="2" /]

s2Member®

[s2Member-Security-Badge v="3" /]

An s2Member® Security Badge (optional), can be used to express your site’s concern for security; demonstrating to all Users/Members that your site (and the s2Member® software) takes security seriously.

From your WordPress Dashboard, please see:
s2Member® -› General Optionals -› Security Badge

Instructions: Qualifying Your Site

To qualify your site, you will need to enable s2Member’s Security Badge Status API & generate a Security Encryption Key in your Dashboard — with s2Member® installed as an active plugin.

Also, there are a few additional requirements set forth below. Some of these requirements pertain to WordPress® security in general, and some of these requirements are s2Member-specific. What we want to see is that you’ve made an effort to tighten security on your installation of WordPress® by following these guidelines. Your site, and your users, will be safer as a result :-)

NOTE: Once you’ve completed the steps below, it can still take up to 60 minutes for your s2Member Security Badge image to show a green status for the first time.

1. Is your s2Member® Badge Status API enabled?

Please see: Dashboard -› s2Member® -› General Options -› Security Badge -› Badge Status API

2. Does your /wp-config.php file have all of these configuration values filled in properly (e.g. have you setup your WordPress® Security Keys)?

See: http://codex.wordpress.org/Editing_wp-config.php#Security_Keys

IMPORTANT NOTE: Each of these MUST be at least 60 characters, and must NOT contain the default: unique phrase values that come with WordPress®. We suggest using the super easy Security Key Generator.

3. Have you created a Security Encryption Key for your s2Member® installation?

Please see: Dashboard -› s2Member® -› General Options -› Security Encryption Key

IMPORTANT NOTE: This MUST be at least 60 characters in length.

4. Does your /wp-config.php file have both of these configuration values?

These configuration values MUST be filled in: DB_USER & DB_PASSWORD

See: http://codex.wordpress.org/Editing_wp-config.php#Set_Database_Name

IMPORTANT NOTE: These values must NOT be exactly the same.

5. Have you configured your s2Member® Unique IP Restriction Options yet?

Please see: Dashboard -› s2Member® -› Restriction Options -› Unique IP Restrictions

IMPORTANT NOTE: This must NOT be set to a value of: infinite

6. Have you configured your s2Member® Brute Force IP Restrictions yet?

Please see: Dashboard -› s2Member® -› Restriction Options -› Brute Force IP Restrictions

IMPORTANT NOTE: This must NOT be set to a value of: infinite

7. Have you disabled debug logging in your s2Member® configuration yet?

Please see: Dashboard -› s2Member® -› Log Files (Debug) -› Logging Configuration

IMPORTANT NOTE: All logging MUST be disabled (to prevent log files that may contain sensitive data). In addition, any existing log files from previous debugging efforts MUST be deleted before your s2Member® Security Badge will go green. See: Dashboard -› s2Member® -› Log Files (Debug) for further details.

* The only way to bypass this requirement, is to set a custom location for your s2Member® log files.

Please create this directory and file:
/wp-content/mu-plugins/s2-hacks.php

<?php
add_filter('ws_plugin__s2member_logs_dir', 's2_logs_dir');
function s2_logs_dir($what_s2_says){
	return '/absolute/path/to/my/custom/logs/dir';
	// Ideally a location outside of the HTTP space (more secure).
	// Something like: /var/logs/s2member
}
Look at your installation here: www.yoursite.com/?s2member_s_badge_status=1

If you visit this link on your WordPress® installation, you should get a plain text file that contains only a single value of: 1 (indicating your site is in the green with s2Member®). If you don’t, one of the above is the likely cause. Please go back over your configuration.

IMPORTANT: Once this shows a value of 1, it can still take up to 60 minutes for your s2Member Security Badge image to show a green status for the first time.

s2Member® Security Badge Variations

There are a few different Security Badge variations. Which variation you decide to go with is completely up to you. You can adjust the variation that you display on-site by modifying the Shortcode Attribute: v="1|2|3". For further details on this Shortcode, please see: Dashboard -› s2Member® -› General Options -› Security Badge

s2Member®

[s2Member-Security-Badge v="1" /]

s2Member®

[s2Member-Security-Badge v="2" /]

s2Member®

[s2Member-Security-Badge v="3" /]

About the Author

Jason (Lead Developer)Yep, I'm one of those oddball coders! When I'm not coding, I'm thinking about code, or helping others with code. Heck, sometimes my dreams are in the PHP language :-) It's been a passion of mine for 12+ years now.View all posts by Jason (Lead Developer) →

Contacting s2Member: Please use our Support Center for bug reports, pre-sale questions & technical assistance.