Ensuring Your Membership Site is Protected

Within this article we are going to look at protecting your membership site from freeloading sign ups. Let's look at some ways to give you even more protection.

So how do people sneak in without paying or paying full price? A common technique is to buy a membership, and then pass it on to their friends or even resell the membership. Suddenly you have freemember2010 logging in from all over the planet! This person gets around. He's in logging in from Australia one minute, and New York the next.

How do you stop him? Restricting the number of IP addresses puts a stop to much of the abuse. Basically you're telling your membership site to only allow a log in from so many locations a day. That includes log ins from freemember2010. You can see this by going to Wishlist Member > Settings and then scrolling down to "Default Log in Limit:"

Here is a screen shot: http://screencast.com/t/SIsQZktAG

For example, if you enter "3", only 3 different IP's would be able to access the membership using the same username or password. Three or four is a good number to use. This usually allows a member to log in from work, home, mobile phone, and an extra location (like a coffee shop) of their choosing. You shouldn't see major abuse with that number.

In addition, it's high enough to not irritate your paying membership. Another good precaution is to keep watch on your Registration URL. This is usually used with Simple Integration. Although, some people give it out to trusted friends to sign up for free (so they don't have to manually add them). However, that FREE URL works for non-trusted people as well.

Keep the Registration URL as hidden as possible. In other words, you probably don't want a copy of the Registration URL on your front page. If you suspect that your Registration URL is being abused, you can always update the end of the URL with another similar set of random characters. Just make sure update it accordingly elsewhere if needed.

Also, keep an eye on your membership sign ups and your payments. Ideally you should have fairly equally payment notifications for each new member sign up. If you aren't doing a give-away promotion and suddenly see an increase in sign ups without payments coming in, that could be a FREE Registration URL abuse.

At that point, you could look at the free sign ups, and determine what you want to do. You can send them an e-mail asking where they got the sign up, ban the member, or even ban the IP address from visiting your site. You can ban members by going to Wishlist Member Dashboard > Manage Members > Blacklist. Then just add the E-mail or IP address in the appropriate box.

By keeping the amount of IPs to a minimum, protecting your Registration URL, watching your payments, and banning members and IP addresses, you should have a membership site free of unwanted site crashers.