zielakxar

So I’ve managed to find responsible file in /classes/wp-security-wp-loaded-tasks.php

On the bottom there’s:
static function aiowps_login_init() Function
If you comment out it’s contents the unwanted redirection is gone.

Now I’d just wish I had a method to disable it in my fuctions.php or using method that would let me avoid necesity for making those edits each time I update the plugin

It might be good idea for to suggest the devs to add some extra setting there for membership sites so people could customize it and get their users redirected to custom link instead of wordpress profile.

• This reply was modified 4 years, 1 month ago by zielakxar.
• This reply was modified 4 years, 1 month ago by zielakxar.

Thank you.

Let me know if there’s an update

They do have such function – and I am using it. Like I’ve explained above – when user logs in via wp-login.php he does get redirected properly to membership content.

Problem is the user sees wordpress profile (/wp-admin/profile.php) instead wp-login.php when they’re comming back and are logged in already due to how browser remembers the session.

I’m a dev myself – maybe you could at least direct me to a file/code where this redirection happens in AIO security so I can dig through and disable it?

• This reply was modified 4 years, 1 month ago by zielakxar.
• This reply was modified 4 years, 1 month ago by zielakxar.
• This reply was modified 4 years, 1 month ago by zielakxar.

No cache plugin, only login captcha is enabled in Brute Force tab.

Tho when I test it seems like even with all plugin features disabled redirection still happens. Simply having plugin activatet causes redirection.

What features have you enabled in aiowps plugin?

Login Lockdown (one that blocks IP after number of failed logins)
Login Captcha

What role is assigned to WP users in your site?
What membership plugin are you using in your site?

Custom Role plugin related from S2member (s2member level 1, s2member level2 etc)

What are you trying to achieve by allowing your members to login using wp-login.php while they are logged in as members?

I’d like to avoid confusing our users as after login they should see membership page content and not wordpress profile. Additionally I’d like users to be able to log in to different account even when they’re already logged in as it is in default wordpress behaviour.

Let me explain why is it confusing for the membership page users:
1: User gets his membership email with password and link go /wp-login.php
2: When user Loggs in for the first time everything works as intended cause he gets redirected to membership content thanks to how s2member (or any membership plugin) handles it.
3: User closes the browser/tab, does something else.
4: After a while User would like to come back to membership page but has forgotten the URL so he thinks about logging in again and goes to his email – clicks login page again so /wp-login.php. This is where the problem starts.
5: User has no idea what is going on cause instead of login he sees his profile page (cause browser remembered his login session) – there are no links on profile page that lead to membership content, user doesn’t understand why was he redirected to the wordpress profile page and contacts support claiming his membership doesn’t work and he can’t log in to access membership page content

That is why I’d like even logged in users to be able to see /wp-login.php page even if they’re already logged in as is in default wordpress. Otherwise vast majority of users won’t understand meaning of their profile page viewed to them when they’re already logged in.

I’d like our website to be intuitive – also for people who don’t use computers too often and will easily get confused when they try to access their membership content.

• This reply was modified 4 years, 1 month ago by zielakxar.
• This reply was modified 4 years, 1 month ago by zielakxar.
• This reply was modified 4 years, 1 month ago by zielakxar.

When someone is demoted cause EOT time has passed he loses all his membership levels / custom capabilities.
Such user is visible as “subscriber” with a note in his profile like:
“Demoted by s2Member: Mon Nov 30, 2015 9:35 pm UTC”
Problem is I cannot see what level/custom capabilities that user had before he was demoted.

I was using a cache plugin but now it is disabled – as i read about problems with w3cache and mobile detector and wanted to avoid them.

Also i’m not sure where in php code is that websitez-mobile=0 catcher thats supposed to set website to full wersion, all i’ve found in php is cookie setting allowing to switch wersions but i have some trouble using it for my purpose.

Somethig doesnt seem to work with this sollution.
i create link like
https://www.mywebsite/something?websitez-mobile=0
and in my android tablet it is still displayed in mobile template (colbalt-mobile)
Help !