[s2Member-Security-Badge v="1" /]

s2Member®

An s2Member Security Badge can be used to express your site’s concern for security. Demonstrating to all users that your site (and s2Member) take security seriously.

See: WordPress Dashboard s2Member General Optionals Security Badge


Instructions: Qualifying Your Site

To qualify your site you will need to enable s2Member’s Security Badge Status API & generate a Security Encryption Key in your Dashboard—with s2Member installed as an active plugin. Also, there are a few additional requirements set forth below. Some of these requirements pertain to WordPress security in general, and some of these requirements are s2Member-specific.

What we want to see is that you’ve made an effort to tighten security on your installation of WordPress by following these guidelines. Your site and your users will be safer as a result. Once you’ve completed the steps below, it can still take up to 12 hours for your s2Member Security Badge image to show a green status for the first time.


  • Is your s2Member Badge Status API enabled?

    Please see: WordPress Dashboard s2Member General Options Security Badge Badge Status API



  • Have you created a Security Encryption Key for your s2Member installation?

    Please see: WordPress Dashboard s2Member General Options Security Encryption Key

    This MUST be at least 60 characters in length.



  • Have you configured your s2Member Unique IP Restriction Options yet?

    Please see: WordPress Dashboard s2Member Restriction Options Unique IP Restrictions

    This must NOT be set to a value of: infinite.


  • Have you configured your s2Member Brute Force IP Restrictions yet?

    Please see: WordPress Dashboard s2Member Restriction Options Brute Force IP Restrictions

    This must NOT be set to a value of: infinite.


  • Have you disabled debug logging in your s2Member configuration yet?

    Please see: WordPress Dashboard s2Member Log Files (Debug) Logging Configuration

    All logging MUST be disabled to prevent log files that may contain sensitive data. In addition, any existing log files from previous debugging efforts MUST be deleted before your s2Member Security Badge will go green. See: WordPress Dashboard s2Member Log Files (Debug) for further details. The only way to bypass this requirement is to set a custom location for your s2Member log files. If you'd like to do this, please create this directory and file: /wp-content/mu-plugins/s2-logs-dir.php

    <?php // Requires PHP 5.4+.
    add_filter('ws_plugin__s2member_logs_dir', function($dir){
      return ($dir = '/absolute/path/to/my/custom/logs/dir');
      // Ideally a location outside of the HTTP space (more secure).
      // Something like: /var/log/s2member
    });
    

Test Your Own Badge Status

Look at your installation here: www.yoursite.com/?s2member_s_badge_status=1. If you visit this link on your WordPress installation you should get a plain text file that contains only a single value of: 1 (indicating your site is in the green with s2Member). If you don’t, one of the above is the likely cause. Please go back over your configuration. Once this shows a value of 1, it can still take up to 12 hours for your s2Member Security Badge image to show a green status for the first time.


s2Member Security Badge Variations

There are a few different Security Badge variations. Which variation you decide to go with is completely up to you. You can adjust the variation that you display on-site by modifying the Shortcode Attribute: v="1|2|3". For further details on this Shortcode, please see: WordPress Dashboard s2Member General Options Security Badge

[s2Member-Security-Badge v="1" /]

s2Member®

[s2Member-Security-Badge v="2" /]

s2Member®

[s2Member-Security-Badge v="3" /]

s2Member®