Forum Replies Created
-
Posts
-
Right, not eStore necessarily but WordPress itself. Would WordPress be changing the file permissions for folders within the wp-content folder upon updates?
Hello,
We have an issue whereby our root download folder keeps getting its permissions set back to 0755 even though we set it to 0700 as instructed. We contacted the web host and they said that WordPress automatically changes file permissions.
Could you please confirm whether this is true or suggest what else might be causing this? Should our downloads folder for eStore not be within the wp-content folder?
We use 4 custom fields in our registration forms. For brevity’s sake we will call them: Field A, Field B, Field C and Field D.
Because we need to have some registration forms that do not include these custom fields, you directed us to purchase the Form Builder Addon.
However, we are having trouble understanding the best way to manage this and we really do not understand why the custom fields cannot be global within the account.
As you explained via email, “The form builder is a completely separate addon. It doesn’t have any relationship with the custom fields that you can configure in the custom fields menu of the plugin.”
So this means that we have to create duplicate versions of Field A, Field B, Field C and Field D, and the original versions of Field A, Field B, Field C and Field D that already exist within eMember become obsolete (even though data still exists within them).
However, additionally, it seems that each registration form that we create with the Form Builder Addon that needs to include Field A, Field B, Field C and Field D then creates another new version of Field A, Field B, Field C and Field D.
If we have 4 different registration forms (for 4 different membership levels), that each contain Field A, Field B, Field C and Field D, that then makes 4 different versions of each of those fields (plus the original version of these 4 fields that already exist within eMember).
This equals 5 versions of the same 4 fields. This means there are 20 custom fields total appearing under each account, when all we need is the 4 custom fields.
Is this really the intended behavior? It is very confusing and convoluted to keep track of.
Hello,
Is there a way to change the default membership level when manually adding a new membership account?
When we add a new member manually, the membership level for the new account seems by default to be set to the most recent membership level that was created. Additionally, it seems that we cannot change the membership level or deselect it until the account has been created (we then have to save the account again after it has been created in order to be able to change the membership level).
Is there a way that the membership level can be changed while creating the new account (instead of having to create it and then save it again)?
Or is there a way that we can change what the default membership level is set to when manually creating a new account?
We think it would be very useful to have just some basic tracking info with eMember. Perhaps if it were simplified it could be possible?
Would it be possible to implement a tracking option to see these 2 numbers, over the course of 30 days:
1. How many accounts have been renewed
2. How many accounts have expired
This would give some valuable info in itself.
Well, is there any way that we could track how many people have paid for an account renewal over the course of a particular amount of time?
Wouldn’t (renewal payments / month) be an objective metric?
Hello,
When someone resets their password they seem to get 2 emails:
-The eMember notification email
-And a default WordPress email, which states, “This notice confirms that your password was changed on (Site Title). If you did not change your password, please contact the Site Administrator at (Site Admin Email)”
Can you please tell us how we can disable this default WordPress email? It is confusing for the user to receive 2 emails when they reset their password, and we would like them to only receive the eMember email.
Thank you!
Hello,
Can you please tell us – is there any way to be able to tell how many users are logged in to eMember at any given time?
Thank you!
Thank you!
We just have a couple follow up questions to make sure we understand everything completely:
1. It is the setting of the downloads folder to permission 0700 that will make the files inaccessible, even if someone finds the links to them, correct?
2. Our thumbnails for all of our eStore products are located within the master downloads folder. When we set the master downloads folder to permission 0700, it then makes it so that our thumbnail images are no longer displayed on the site. It seems as though we will need to move our thumbnail images to be outside of the downloads folder. However since we have hundreds of eStore products, it will take quite a bit of work for us to update all of the URL’s to the thumbnail images for each product. Is there any way that we can change the permissions of the thumbnail image folders (that reside within the master downloads folder), so that even when the master downloads folder is set to permission 0700, the thumbnail images will still be accessible and displayed on the site?
3. Just to make sure we have the .htaccess correct, we have placed an .htaccess file in the master downloads folder, with only this bit of text within it:
Options -Indexes
Is that correct?
Many thanks…
Hello,
We recently realized that many of our PDF digital downloads were appearing in search engine results. These items should not be linked to from anywhere else on the site, so we’re not exactly sure how the search engines are finding them.
We followed the instructions to set the root downloads folder to 0700 and that seems to have solved the problem of those documents being accessible via the direct URL (now instead of the files coming up, a 404 page appears instead).
We have also followed the instructions for creating the robots.txt file in the root directory and the .htaccess file in the downloads folder.
If you could please just help clarify a couple things for us:
1. The robots.txt and .htaccess files are what will hopefully keep search engines from indexing the download materials, correct (we understand that it is up to the search engine to obey or not)? Is it just a matter of waiting now to see if the search results update? Is there anything else that we can do in this regard to keep our files from appearing in search results?
2. Since applying the 0700 permission to the root download folder seems to have solved the problem of our documents being freely downloadable, is there anything else that we need to do in this regard? We have tested in several browsers and in all of them a 404 error appears when attempting to access any of the files directly, which is perfect. Does this mean that we should be good to go now, or is it possible that in some other browsers the files are still accessible and we need to look at taking extra security measures?
Thank you!
Hi,
This is not just one person, it is a significant portion of our user base. Many of our customers are teachers, and many of them have this problem when attempting to download our materials from their schools or companies.
Our server is hosted by a conventional hosting company.
If the users use their home internet connection, they do not have a problem. Whenever they try to use the internet connection at their school or company, they get the error when trying to download the materials.
Many of them have asked the IT manager of their school or company to look into the matter, but the IT folks (from different companies/networks) have never once been able to find a setting or permission that would be preventing access.
This problem has been ongoing and is not specific to a single network – it has been continuously reported from different users who are at different schools & companies.
We have tried the Amazon S3 method that you suggested, but that does not solve the issue.
Thank you!
PS – Just to clarify, the previous example given was from a home internet connection, but I believe we can disregard that case – all other examples are from school & company networks, and we usually get reports of the problem every week.
Can you please tell us, what about if we want to use HTML just for the auto Expiry emails, to make it more appealing for people to want to renew their accounts?
Since the only link needed in that email is the renewal page link, is something we could do?
Or would you still recommend that we don’t use HTML for the auto Expiry emails, for the reasons explained in the above article?
Thank you!
Hello,
We have a member who is having this same problem. She is able to log-in to the eMember section of the website, but when attempting to download materials, she gets the message, “Access Denied! Please provide valid username and password to download the file.”
We have tried using the Amazon S3 method but that does not solve anything, the same results occur.
In the most recent case, the member is using her home internet connection and says that there is no network or firewall protection on it.
Do you have any suggestions here? It now seems that this problem may not be limited only to corporate networks (though that is certainly where it has occurred the most). Is there any setting that folks can change on their internet connection to stop the “pushing action” of the encrypted links from being blocked?
Thank you!
