DAP works great with the WP Super Cache plugin. Probably works with others too – but we have officially tested it with just Super Cache at this time.
And this page below walks you through the full set up of the WP Super Cache plugin.
Go to Settings > WP Super Cache
You are now on the “Easy” tab. Don’t do anything here just yet.
Go to Advanced tab.
Be sure to put a “Check” (or “Select” the radio button) next to each of the following items
Cache hits to this website for quick access. (Recommended)
Use mod_rewrite to serve cache files. (Recommended)
Compress pages so they’re served more quickly to visitors. (Recommended)
Don’t cache pages for known users. (Recommended)
Don’t cache pages with GET parameters. (?x=y at the end of a url)
Cache rebuild. Serve a supercache file to anonymous users while a new file is being generated. (Recommended)
Clear all cache files when a post or page is published or updated.
Extra homepage checks. (Very occasionally stops homepage caching) (Recommended)
Only refresh current page when comments made.
List the newest cached pages on this page.
Click on Update Status button.
Keep scrolling down until you see the Accepted Filenames & Rejected URIs section.
You’ll see a big text area under the text “Add here strings (not a filename) that forces a page not to be cached”. +
There, add the following, one per line.
Obviously, your member content page URL’s may be slightly different. So make sure you customize it to suit your own URL’s.
Next to back to Easy tab at the top.
Now you select the “Caching On” option and save.
That’s it for the setup.
Now, on to testing.
If you organize all of your member content under a main parent page, say “members”, then all you need to exclude from caching, is /members/
For example, if your URLs include year and you don’t wish to cache last year posts, it’s enough to specify the year, i.e. /2004/. WP-Cache will search if that string is part of the URI and if so, it will not cache that page.
So basically, excluding just one single URL – /members/ – from caching, will make sure all of the following as well remain UN-CACHED.
You get the idea. When you exclude “/members/”, any URL that starts with that same text, will be excluded.
So here’s how you set up the “hierarchy” of the pages.
First, create the page “members“.
Then, when you create the “login” page, make sure you select the “parent” of the page, to be the “members” page.
So, instead of the login page URL looking like… http://YourSite.com/login/
… because the parent page is “members”, that also gets added to the URL, and the login page URL becomes like this:
If you created a page called “example” and made the “login” page as its parent, then the URL for this new page becomes:
So you see how that hierarchy works. Use that to arrange all of your member content under the main “ancestor”, which is “members”, here in our example.
But if you have already completed creation of all of your content, then you’re just going to have to do a little extra work to identify all of your pages and posts and exclude the member content from the list. DAP makes this a little bit easier as well.
If you log in via FTP and go to the “dap” folder, inside, you will see a file called “dap_permalink_dump.php”. If you download that file to your desktop, and open it with any text editor (Notepad, Dreamweaver, etc), inside you will see a full list of URL’s of all posts and pages from your WordPress site. You can just take that list, remove separator text like “Posts” and “Pages”, and trim the list of URL’s down to just your member content, you can take that and paste it right into the WP Super Cache > Advanced tab > Accepted Filenames & Rejected URIs section.
Now open multiple browsers – like Firefox, Chrome and Internet Explorer (or Safari). Use at least 3 separate browsers.
Next, go to your login page in one of them, and then log in. Then go to same login page in another browser – make sure it doesn’t say “You are already logged in”. It should show you the DAP login form. Same on third browser.
Next go to the profile page while logged in as member. Do the same in other two browsers, while logging in as three different people. Each profile page should you show you different information.
If you crated 3 separate products, with 3 different users, then logging in as those 3 different users on the 3 different browsers, should show you 3 different sets of pages.
All this is just to make sure there’s no caching going on of your membership content, that’s all.
If all of this works, then you’re all set with caching for your non-membership content, and no caching for your dynamic member content.
If you’re having weird issues – like members logging in and seeing other people’s profile information, or logging in as a valid user and being told “Sorry, you don’t have access to this content” – then it’s probably because of a “cache” plugin.
Do not use cache plugins on your membership site
DAP now fully works with WP Super Cache (and possibly other cache plugins too).
You just need to make sure that you exclude your member content (including the login page) from being cached.
Follow the steps below to clean up some the junk left behind by cache plugins (regardless of whether you see them in your plugins section, and regardless of whether they are currently active).
1) You wish to disable your cache plugin that is currently enabled
2) You previously had one enabled at some point in the past
3) You don’t believe you ever had a cache plugin enabled in the past
4) You were redirected to this page by the DAP support team because of potential caching-related issues
Now re-test whatever the issue was before, and it would have probably been resolved now.
That should do it.
If the issue still persists, let us know via a support ticket.
A: If all files are stored right on your web site, and you have a large amount of video, audio and other files, then a lot of people viewing and downloading them from your site will use up a lot of resources on your server – like site loading time, server memory, server bandwidth, etc – and your site could slow down considerably. Plus, on top of that, there are also bandwidth charges that your host will charge you with for all of those downloads, which are usually not very cheap.
And don’t put too much faith in your web host’s “Unlimited Bandwidth” clause, because if you read the fine-print carefully, you’ll see that as per their TOS, if you consume large amounts of bandwidth and use too much of the server resources, this could cause other web sites (belonging to others) on the same server to slow down and have a degrade in performance, especially if you are on a shared hosting account. And they could consider this abuse of their TOS, and could either slap you with huge bandwidth or server utilization fees, or may even ask you to take your web site elsewhere because you’re causing issues for other site owners on the same server.
Instead, if the files are stored on Amazon S3, then you don’t have to worry about your site slowing down, or you using up too much bandwidth and getting slapped with huge bandwidth fees, because the files are being served from Amazon’s huge S3 servers which have tons more resources and speed compared to your web host.
Plus in the long run, bandwidth is cheaper on S3 compared to your web host.
A: Not directly, not by itself. By default, DAP can only protect files (and any other content) that is on the same web site where DAP is also installed. For large files, we do recommend that you store files on a fast, scalable file server like Amazon S3. Now, the page or post itself (in which you post that Amazon S3 link) can be protected by DAP, and no un-authorized user can even see the content of the page (or the link within that page).
However, once a user has authorized access to a page because they’re a member, now they can see the page where you have that Amazon S3 link.
It’s similar to posting a public YouTube video on a protected DAP page on your web site. Sure, DAP can protect the page from un-authorized users, but authorized users can actually see the page, and see that it’s a YouTube video, and clicking on that video will directly take them to a page on YouTube.com, which DAP has no control over, and cannot protect once they leave your web site.
Similarly, DAP cannot directly protect that external link to your file stored on Amazon S3. And that’s where our Amazon S3 plugin S3MediaVault.com (S3MV) comes into the picture.
S3MV can make sure that your files on Amazon S3 cannot be accessed directly by anyone, even if the link were shared with others via email or on a forum, and can ONLY be accessed through a page or post on your web site (web site where you have installed the S3MV WordPress plugin).
NOTE: The S3MV plugin is included for free with your purchase of any DAP license, starting with the Unlimited-site license and above.
A: S3MediaVault is not a “true streaming” solution. Which means, it doesn’t stream videos in real time, but rather, plays the video by buffering the file as the viewer is watching the video. And that’s the right way to do it, if you care about your viewers.
This means your viewers will be able to rewind, even put the video on pause (especially for large videos), so that it keeps buffering in the background, and then come back and watch it later when it has fully “loaded” , so that they won’t experience any real-time buffering. This is very useful for viewers that don’t have fast internet connections.
What this also means, is that anyone who watches your video, can also use free, browser plugins (like DownloadHelper) that allow you to download a video that you’re watching in your browser. This is not a security breach. They are able to download it to their computer, only because they currently already have been given authorized access to the video/audio itself.
Please remember that anything that is accessible online – like audio, or video – can always be easily downloaded to the viewer’s desktop. There are many different ways in which you can download what you are viewing in your browser. The bottom-line is this: If a video or audio is able to be viewed in a browser, it can easily be downloaded – or “recorded” using screen-capture solutions like Camtasia, or audio capturing solutions like Audacity), and then saved – to the viewer’s computer.
S3MediaVault makes sure no one can directly access your files from your S3 account, and can only play or view it from your site (where the S3MediaVault plugin is installed).
Then combine that with the Page/Post protection of DigitalAccessPass (DAP),which can make sure only certain people (like paid members, or free but registered users) can access the post or page where the S3MediaVault embed code is published.
Combine DAP + S3MediaVault, and you would have now completely locked down your content from any and every kind of un-authorized and illegal access.
So once someone has paid for your content (or registered for it), and are authorized users who have a right to view or hear that content, it’s OK that they get to download what they’re eligible for, to their computer, for offline use (like during their morning walk, or on the treadmill, or in their car, or when standing in line at the theme park!)
We don’t believe it is a good idea for you to completely prevent even your legitimate, paying members from downloading your videos. After all, they’ve paid for it, and should be able to download it and watch it offline (like on their mobile device, ipad, iphone, etc).
In fact, the best membership sites that we’ve seen, and have helped set up, offer the content in multiple ways: Download the videos for playback later universally on all devices (mp4), download audio version of this video (mp3), download the transcript of the video (PDF), etc.
The more you make it easier for your members to consume your content, the more they will love being a member, and stay with you longer.
If you absolutely must have “streaming” videos that viewers cannot download at all (and also cannot easily buffer ahead and play at their own convenience), then we recommend Vimeo.com/pro.
There are many ways in which you can protect videos.
By default, DAP can only protect files that are stored on the same web site where DAP is installed.
So if you install DAP on YourSite.com , then your files must also be located on YourSite.com. DAP installed on YourSite.com cannot protect files (.mp4, .mp3, .html, .pdf, .doc) that are stored on AnotherSite.com.
So assuming the files are stored on the same site as DAP, you can (and should) protect both the actual video file, as well as the blog post or page in which the embed-code for your video is published, by adding both to a Product.
This gives you 2 levels of protection for your videos:
Level 1: The blog post or page containing the video player code, itself is accessible only by authorized members.
Level 2: When an authorized user gets legitimate access to the page where the video is published (because they’re a paying member, say), even if they try to do a view source and figure out the location of the video (eg., http://yoursite.com/videos/howtovideo1.mp4) , and pass it around by email to their friends (or post the link in an online forum), their friends still can’t view the video, because the video link itself is protected by DAP.
If you have some text that you want the casual visitor (and Google) to read, but wish to protect only the video, then you could turn Sneak-Peek on (in Setup > Config > Advanced), insert a WordPress more tag (<!–more–>) into your post just where you want the content to start being protected, and put the video player’s embed code after the more tag.
The only 3rd-party-stored video files that DAP can protect at this time are videos (and other files) that are stored on Amazon S3. DAP cannot do this by itself, but uses a special WordPress plugin called S3MediaVault.com , which is a plugin we developed specifically to make Amazon S3 videos play in your WordPress blog posts/pages. So again you get 2 levels of protection for your videos…
Level 1: DAP protects the post/page where the special S3MV video player code is embedded
Level 2: The S3MediaVault plugin makes sure that even if someone tried to do a view source and figure out the actual link to your Amazon S3 video, they still won’t be able to view the video.
DAP cannot protect, say, videos that are embedded from other 3rd party web sites like YouTube or Hulu. Of course, DAP can always protect the blog post or page itself that contains the video, but once an authorized user gets valid access to that blog page, they can see that it is a YouTube video (say), and then pass that YouTube video link to their friends, in which case DAP cannot protect that external YouTube video link.
Check out my podcast episode at http://subscribeme.fm/video-hosting-for-your-membership-site/ which goes into detail about video hosting for your membership site.
Here’s how you can customize the HTML, look & feel of the DAP Sidebar Login Widget.
There is a file in the following folder…
Make a copy of that file on your desktop, rename it to…
(just added the text “custom” at the front of the original file’s name).
You can then modify this new file however you want, including altering spacing, and that’s what will be displayed.
Just be careful what you change – do not modify the field names or the submit URL. Feel free to change other visual elements.
DAP currently integrates with all WordPress-based Forum plugins (some of them mentioned below) as well as two non-WP based (vB & XenForo).
So if a member logs in to your membership site via the DAP login form, then they will also automatically be logged in to your forum. That’s called “Single Sign-on” and DAP supports it with all of the above forum software.
The WordPress-based forums listed above (Simple:Press, Mingle, etc) are not really full-featured (like XenForo or vBulletin). DAP doesn’t – and cannot – protect individual forum posts or threads if you used the basic WordPress-based forums. But they’re all free, have pretty decent forum features, easy to set up and use, and will work just fine for most people.
However, if you want a more full-featured forum software that will give you greater control over many details, allow you to protect content at a thread or forum level, and want tons of user and admin features, then we highly recommend going with XenForo (XF) or vBulletin (vB). XF and vB are not free, have a slightly bigger learning curve than the simple WP forum plugins, and require more setup and maintenance overall. And if you want the best forum plugin, and are willing to pay the price (dollar-wise as well as effort-wise) and put in the time to set it up, then XF is the way to go, and DAP integrates extremely well with XF.
Now, the rest of this post is about integration of DAP with the WordPress-based forums.
(For XenForo integration details, click here)
What this essentially achieves, is that once your forum plugin has been integrated with DAP (explained below), anyone who is a member in your DAP-powered membership site, will also be automatically be logged in to your forum when they log in to your membership site.
So they won’t have to log in twice [like, once into DAP and once into your forum].
Here’s how you set up the DAP/forum integration.
Now, a quick explanation of both settings.
If you turn this to “Y” (for “Yes”), then every time someone logs into DAP, they’re automatically logged into WordPress too (with a “user” WordPress role). And because they’re logged into WordPress, that means they’re also logged into your forum (because you are using a WordPress-based Forum Plugin which already integrates with your WordPress installation)
This one matters only if you have set (1) above to “Y”.
So once you have decided to turn on the DAP/Forum plugin integration, then if you want only your “PAID” members to have access to the forum, then set this to “Y”.
If you want both FREE and PAID users accessing your forum, then set this to “N”.
wp-content/plugins/). You are essentially over-writing your existing plugin files, that's all.
Note: The above ALL-CAPS, that too in RED does not mean we're yelling at you :-). We just want to OVER-EMPHASIZE the importance of the text, that's all.
Now DAP already provides you with a built-in, out-of-the-box login form, at YourSite.com/dap/login.php . But if you want to put this form “within” your WordPress blog, so as to give your login form the same Look & Feel as the rest of your blog, then do this…
1) Create a WordPress Page (not “Post”) with the text %%LOGIN_FORM%% in the body of the page, and a title of say, Login, and save the new page. If you used the text “Login” for the title, then the actual link to this page would be YourSite.com/blog/login
2) This page now shows up as “Login” along with the rest of your “pages” on your blog.
3) Go to DAP Admin > Setup > Config . Scroll down to the field Login URL
In the text box, enter the full link to your login page from Step 1:
Or if your blog is in the root, then…
That’s it! When someone clicks on the “Login” link that now shows in your “Pages” menu, they will now see a nicely formatted login form.
Related: Where is the Logout Link?
By default, none of the posts or pages you have protected in DAP will be visible in any of the WP menus (not even in custom menus).
Which means, as far as your visitors (or search engines) are concerned, those posts/pages don’t even exist in your blog – until the content “drips” on them.
Some DAP users want it that way, and some don’t.
Also, from an SEO perspective, if your visitor (who is not a member, and one who is not logged in) can’t even see the post, then neither can Google. This means, if you do a blog-and-ping, when Google arrives at the permalink of your new post, because the post is protected, DAP will redirect Google to your login page. This means, you don’ get the benefit of SEO for your new post.
Also, from a “Curiosity” standpoint, if you protect all of the posts, then your visitor will only see a handful of non-protected blog posts, and logged-in members will see only content that has already dripped on them (accessible to them).
Giving them a “sneak-peek” of the protected content is a great way to get them excited about your content.
So for example, you could have a blog post that talks about a video, and goes into detail about everything that they can learn from watching the video – but the content ends just before the video, and where the video would’ve normally appeared, there appears a “Login Form” that asks them to login first before they can view the content, or purchase access if they wanted to see the video.
How to turn on Sneak-Peek
Go to DAP Dashboard > Config > WordPress Sneak-Peek
It is set to “N” (no) by default. Change this to “Y” and click on the “Update” button to save the change.
And then when they click on the “more” button to read the rest of the post, the full post is protected anyway, and they are presented with a login screen.
As soon as you turn on Sneak-Peek, DAP will show all content from your blog posts, but only up to the “More” tag. This means, if you don’t have a “More” tag in any of your content, then all of your blog posts will show to all users, regardless of whether they have access or not.
So, the most important thing here is this:
SNEAK-PEEK and MORE are INSEPARABLE.
If you do sneak-peek, you MUST include a “More” tag.
So when you create a WordPress blog post, split the post into two parts using the “More” tag. This creates a “public preview” portion of the actual post, that shows up on your blog’s home page and in the permalink when that post is displayed. To read the rest of the post, your visitor has to click on the “More” link, and that’s when depending on whether the user has access, the rest of the post will be displayed.
Once you install this plugin, when someone visits your blog, they will ONLY see posts that they are “eligible” to view. This applies to your blogs main page as well.
So, if a casual visitor arrives at your blog, they only see titles and their summaries for posts that have NOT been protected (not added to DAP at all).
For instance, if you have 100 posts, and have protected 95 of them, then on your blogs home page, this visitor will see only 5 blog posts – titles and summaries – in TOTAL.
They wont even see the titles or bodies of the protected posts. And if they somehow get the link to it (from someone else, by email, say) and try to visit it, then the existing DAP protection kicks in, and theyre asked to login first to determine if they have access to that post “as of now.
But once this same visitor logs in, all blog posts that were HIDDEN earlier MAGICALLY re-appear And they see all posts that they are CURRENTLY eligible to access (this excludes posts to which access already expired, and posts to which they dont have access YET – i.e., future availability).
If you want a certain portion of even your protected posts to always show up, even if the user is not eligible to see the post, see DAP “Sneak-Peek”.
This plugin lets you do two other things:
1) You can PERSONALIZE blog post titles and content with MERGE variables.
So, if you create a blog post with the title “Welcome %%FIRST_NAME%%“, then when your member logs in, they will see “Welcome John“.
Available merge variables;
%%FIRST_NAME%% – Gets replaced with their first name
%%EMAIL%% – Gets replaced with their email
%%MEMBER_HOME_PAGE%% – Gets replaced with the ‘login’ page
2) You can also put the Login Form on any WP “Page”.