subject: Ensuring Your Membership Site Is Being Protected [print this page] In this article we will explore several options to help stopping freeloading sign ups at your membership site. These tips will help protect your content and site.
So how do people sneak in without paying or paying full price? A common technique is to buy a membership, and then pass it on to their friends or even resell the membership. Suddenly you have freemember2010 logging in from all over the planet! This person gets around. He's in logging in from Australia one minute, and New York the next.
How do you stop him? Restricting the number of IP addresses puts a stop to much of the abuse. Basically you're telling your membership site to only allow a log in from so many locations a day. That includes log ins from freemember2010. You can see this by going to Wishlist Member > Settings and then scrolling down to "Default Log in Limit:" Here is a screen shot: http://screencast.com/t/SIsQZktAG
For example, if you enter "3", only 3 different IP's would be able to access the membership using the same username or password. Three or four is a good number to use. This usually allows a member to log in from work, home, mobile phone, and an extra location (like a coffee shop) of their choosing. You shouldn't see major abuse with that number.
In addition, it's high enough to not irritate your paying membership. Another good precaution is to keep watch on your Registration URL. This is usually used with Simple Integration. Although, some people give it out to trusted friends to sign up for free (so they don't have to manually add them). However, that FREE URL works for non-trusted people as well.
Keep the Registration URL as hidden as possible. In other words, you probably don't want a copy of the Registration URL on your front page. If you suspect that your Registration URL is being abused, you can always update the end of the URL with another similar set of random characters. Just make sure update it accordingly elsewhere if needed.
Also, keep an eye on your membership sign ups and your payments. You should be aiming to have equal payment notifications compared to new member sign ups. If there is a sudden increase in sign ups without payments, and your not doing a give-away promotion, that could be FREE Registration URL abuse.
At that point, you could look at the free sign ups, and determine what you want to do. You can send them an e-mail asking where they got the sign up, ban the member, or even ban the IP address from visiting your site. You can ban members by going to Wishlist Member Dashboard > Manage Members > Blacklist. In the appropriate box, just add the Email and IP address.
By keeping the amount of IPs to a minimum, protecting your Registration URL, watching your payments, and banning members and IP addresses, you should have a membership site free of unwanted site crashers.
