latest stable versions: v150827 (changelog)

Old Forums (READ-ONLY): The community now lives at WP Sharks™. If you have an s2Member® Pro question, please use our new Support System.

Excluding a specific URL from S2 protection

Home Forums Community Forum Excluding a specific URL from S2 protection

This topic contains 3 replies, has 2 voices. Last updated by  Bruce 3 years, 11 months ago.

Topic Author Topic
Posted: Wednesday Jan 30th, 2013 at 11:34 am #40004

Looking for some advice about the best way to exclude a specific URL from S2 protection. Here is the scenario: We’ve installed a chat program which interfaces with WP but is installed outside of the WP installs on the server. This works perfectly. People who visit our site, who are not logged in, cannot access the chat program. S2 is functioning perfectly. However, it is locking out admins from the admin log in. The URL which is set up to administrate the new chat software is:

http://domain/chatprogram/admin/

When a logged in Admin to our membership site manually puts the correct URL into the browser, S2 immediately redirects to the membership website login page. I was thinking the best way to solve this problem would be to add the URI /admin/ to our highest membership level so only the top membership level wouldn’t be redirected away from an admin URL outside of the WP install but then I wasn’t sure if this was the best way given that admin URLS present security risks. Is there any other way to protect a specific URL? I’d appreciate some input.

  • This topic was modified 3 years, 11 months ago by  swiss-cheese.

List Of Topic Replies

Viewing 3 replies - 1 through 3 (of 3 total)
Author Replies
Author Replies
Posted: Wednesday Jan 30th, 2013 at 12:03 pm #40008

Hm…actually, I just tried to add /admin/ to our highest level of membership and when I enter the correct URL (logged into S2 as an admin) it says “page not found” and if I am logged out and try to enter the URL S2 redirects me to the login/registration page.

Posted: Saturday Feb 2nd, 2013 at 5:08 am #40343
Bruce
Username: Bruce
Staff Member

Thank-you for your inquiry.

I’m reviewing this thread now.

Posted: Saturday Feb 2nd, 2013 at 5:27 am #40351
Bruce
Username: Bruce
Staff Member

Looking for some advice about the best way to exclude a specific URL from S2 protection. Here is the scenario: We’ve installed a chat program which interfaces with WP but is installed outside of the WP installs on the server. This works perfectly. People who visit our site, who are not logged in, cannot access the chat program. S2 is functioning perfectly. However, it is locking out admins from the admin log in. The URL which is set up to administrate the new chat software is:

When you say that your chat program “interfaces with WP”, what do you mean exactly? Is this something that is being pulled into a WordPress Post/Page? Are you only loading WordPress’s functionality here through PHP?

Hm…actually, I just tried to add /admin/ to our highest level of membership and when I enter the correct URL (logged into S2 as an admin) it says “page not found” and if I am logged out and try to enter the URL S2 redirects me to the login/registration page.

This is likely an issue with an invalid setup here. You should set up your URI restriction with /chatprogram/admin/. If you use /admin/, s2Member will block access to any URI on your server that contains /admin/ in the URL, which is not what you need here.

See: Dashboard -› s2Member® -› Restriction Options -› URI Access Restrictions

Viewing 3 replies - 1 through 3 (of 3 total)

This topic is closed to new replies. Topics with no replies for 2 weeks are closed automatically.

Old Forums (READ-ONLY): The community now lives at WP Sharks™. If you have an s2Member® Pro question, please use our new Support System.

Contacting s2Member: Please use our Support Center for bug reports, pre-sale questions & technical assistance.