Protected Woocommerce products not available to some members

Hello, I am using s2member to restrict certain Woocommerce products to paying members only. I’m not trying to use Woocommerce to replace the standard sign up and payment for s2member, just offering members only products. When some members go to the restricted product page they get redirected to the members option page. These members do have the right member levels to access the product and their memberships haven’t expired.

All of the other protected pages, categories, posts, etc. on my site seem to be working normally for all my members. I can also see the ID of the Woocommerce product in my list of restricted items along with the other restricted pages.

Additionally, some members can get to the restricted products while other can’t access the restricted Woocommerce products. They get the members options page instead of the product page. The only thing that appears to be common from the users that can’t access is that they’re from Canada. The site I’m having trouble with is hosted in the US but I think that is just a coincidence. I don’t have anything restricting Canadians on the site.

I am hosting on WPEngine and I thought those pages might be getting caught in their caching. However, they have confirmed that Woocommerce pages are not being cached on the server. I am also not running any other caching plugins on the site which might cause this.

I’ve asked the members having problems to logout and log back in, clear cookies, disable ad blockers, etc. but that doesn’t seem to help. They still are still getting the members option page.

Is there another setting somewhere that I need to change to make restricted Woocommerce products available to all members?

Please let me know if I can provide any more details on my issue.

Thanks,

Collin

That’s an interesting behavior… Only thing that comes to mind is some inconsistent use of www in the links to those pages… https://www.s2member.com/forums/topic/dont-mix-www-and-without/

What is the URL of the redirection to the Membership Options Page, does it include the MOP vars? What are they? WP admin > s2Member > API Scirpting > Membership Options Page / Variables

Cristián,

Thanks for the response! The site is currently running without the www prefix. We’re just resolving to the domain name (ex. example.com and not www.example.com).

When I go to the Woocommerce product and add the www to it’s URL, I get the members option page. That page has a query string that looks like this (values changed for privacy): ?_s2member_vars=post…level…1…post…1234…[base64 string]%3D&_s2member_sig=[long id string]. If I’m reading this right, the page is should be accessible by level 1 members and the post ID matches the products post. I also ran the string through a base64 decoder and it matches the product URL. The people who can’t access the product appear to have the correct permissions (greater than level 1) to view the product page.

If this is the issue, I’m not sure where they’re getting the www from. All the links to the product I’ve been able to find don’t have the www on it. I’ll check soon and see if there might still be some www links in the database and update those just in case. I’ll also ask WP Engine and see if they can automatically force non-www pages.

Additionally, I’ll send the members who are having issues to manually put in the product URL without the www and see if they still get the members option page.

Is there anything else I need to check?

Thanks again for the help!

Collin

That sounds good.

If they get sent to the membership options page again, ask them what page they were on before and what link they used. Ask them also to send you the URL, so you can also check its base64 string in the vars, and see what it looks like, maybe it gives a hint.

Cristián,

I heard back from my client. I asked the people having issues to copy and paste the non-www URL that has the link to the protected Woocommerce product we’re having an issue with. When they then click on the product link, they’re still getting the member options page.

They also provided me the URL of the member options page they get to. It looks like it has the query string (ex. ?_s2member_vars=post…level…1…post…1234…[base64 string]%3D&_s2member_sig=[long id string]) that corresponds to the page they’re trying to get to.

One other thing I tried was creating a local server with a copy of my site and changing the a problems member password and logging in as them. When I did that, I was able to navigate to the restricted product without getting the members only page. I haven’t tried change the member’s password on the live site yet (need to ask permission first) but that action should let us know that they do have the right permissions to view that page.

Finally, I’ve asked those members to try logging in with an incognito browser to make sure an add on isn’t affecting something somewhere?

Since it works on the local server, could some other server issue be preventing them from getting to that page? If so, is there anything specific that I should ask WP Engine to ask?

Thanks,

Collin

Could you explain this a bit more, please? I’m not sure I understand the steps to reproduce it, or what the behavior is exactly. Thanks!

When base64_decode that base64 URI, what do you get? If you go to that URI, what happens?

Cristián,

There’s a program (https://localwp.com/) that lets you copy and host entire WP Engine sites on your local machine. I was using a copy of the live site on my computer to login to the problem account and try to get to the restricted Woocommerce product. It appeared to work as expected when run locally.

I did run the base64 string through the decoder and it’s my url with an additional 7 at the end (ex. /products/my-product-name/7). Could that addtional 7 be the issue? If so, do you know where it might have come from?

Thanks for the help!

Collin

Interesting…

You have the same configuration in that site than the live one? Because it has to do with the URL, I don’t know if it could have to do with the WP options: WP Admin > Settings > Permalinks

If you add or remove that 7, does it affect your access to the page?

The decoded URL includes the http and subdomain (e.g. www) part? Is it consistent with the rest of the site?

Cristián,

I’m not sure what you mean by configuration. The Local app downloads the files and database from WP Engine and sets up a local server so you can test things locally. Since I’m on a Windows machine, the hosting environment will be definitely be different from WP Engine.

The domains on the permalinks setting page match the site so I’m not sure if that’s it.

When I add 7 to the end of the url I get redirect to the restriced Woocommerce product page. I don’t have any plugin or server redirects set up for that page though. It could be a Woocommerce action that’s redirecting that.

The decoded URL does not include the http/https or the domain. It’s just the path of the restricted Woocommerce product. Should the base64 string include the domain name too?

Please let me know if I can dig up any more clues for you.

Thanks!

Collin

Thanks.

Well… I’d like to take a look myself, reproduce the behavior, inspect it closer and see if I can notice a new clue… Could you send me a login privately? you can use support at wpsharks com.

Cristián,

I’ve sent you a new user invite at that address. Please let me know if that gets you in or you need any more detail about how the site is put together.

Thanks,

Collin

Thanks Collin.

I was able to login.

I tried a couple of the protected products and could see them as admin, and was redirected as guest, but I need to see the behavior of a user with access that gets redirected.

Could you email me to that address and tell me what pages have that behavior/problem, and how to reproduce it so I can take a look?

Do you have a test user at the members level (level 1?), or could you create one for me to test with?

Thanks!

Cristián,

Yes, I will email you the URLs that we’re having issues with. If you’d like, I can set up a copy of the current site on a staging site so you can change settings and do more extensive testing.

Is there a specific email that I can use to set up the member account? If not, I’ll just use null@ then you can use your admin access to update that member.

The member levels are mostly for internal purposes. As long as you have level 1 access, you should have access to all the protected content.

Thanks,

Collin

Cristián,

Good morning, just checking in to see if you’d been able to take a look around my site. Please let me know if I need to get you any more details on the issue.

Thanks,

Collin

Cristián,

Hello again, have you been able to take a look at this issue? We’re still getting reports of people not being able to the restricted Woocommerce product. Please let me know if you have any ideas of what might be causing this.

Thanks,

Collin

Cristián,

My client has asked me to disable the members only option on that product for now. If you want to test it, feel free to make it members only. There’s not a lot of visits on that page so it shouldn’t inconvenience too many people.

If needed, I can create a staging site for you and add the members only protection back in if that would be helpful.

Please let me know if there’s anything else you need to help diagnose this issue.

Thanks,

Collin

Cristián,

It’s been a couple of weeks since I’ve heard back from you on this issue. Are you missing any information or has this thread been closed? Please let me know if you’re waiting on something from me and I’ll do my best to get it to you right away.

Thanks,

Collin