Awesome membership plugin. Monetize your site. Easy and quick to use. You can protect your content in a moment, and a moment later be ready to get payments for access. Easy to configure and very versatile. Protect the whole site, nothing, or just parts, even files for download. Sell access with single payments or as subscriptions.

Packed with features, but not required to use all, just those you want. Some of them:

  • User levels and custom access capabilities
  • Content protection (post, page, category, tag, etc)
  • Protect anything served by WP (post types, URLs)
  • File protection (sell downloads)
  • Prevent account sharing (limit IPs, simultaneous logins)
  • Protect accounts (limit failed login attempts)
  • Cool security/trust badge with your domain
  • PayPal Standard buttons for payments (more in Pro)
  • Automatic user demotion at end of paid access time
  • Tracking software integration (affiliates, etc)
  • Email services (Mailchimp, etc)
  • Notifications (signups, payments, etc)
  • Integrate with bbPress, BuddyPress
  • Compatible with any well coded theme (Elementor, etc)
  • Customize the WP login/registration look
  • Create custom profile fields
  • Customize the user welcome email

Not needed to know PHP code or be a developer. Just copy-paste wp shortcodes (paypal buttons), and tweak it (price, description, etc).

Over 11 years of experience, development, releases… Still going and growing!

Some reasons to get s2Member Pro

  • Content dripping
  • Stripe, PayPal Pro, Authorize.Net, ClickBank
  • Unlimited membership Levels
  • Renewal reminder emails
  • Single-step registration and payment with pro-forms
  • Custom redirection after payment
  • Coupon codes and gift/redemption codes
  • Custom offers after login
  • Pro API for new integrations
  • Public members directory
  • User bulk import/update/exporter
  • Multisite network support
  • Login and registration forms to use in pages/posts
  • Click here for more 🙂


Copyright ©2013 WP Sharks

Released under the terms of the GNU General Public License.


  • s2Member Screenshot #1
  • s2Member Screenshot #2
  • s2Member Screenshot #3
  • s2Member Screenshot #4
  • s2Member Screenshot #5
  • s2Member Screenshot #6
  • s2Member Screenshot #7


NOTICE: For help with s2Member Pro, please use our forum.

s2Member is very easy to install

Just like any other normal plugin:

  • From the WP Admin’s Plugins Add New Screen.
  • Or via FTP upload the s2member folder from the zip to your /wp-content/plugins/ directory.
  • Activate it from Plugins page in your WordPress Admin.

Here’s a quick-start video for a simple basic setup to get you started.

See also

Detailed installation/upgrade instructions.

Is s2Member compatible with Multisite Networking?

Yes, requires s2Member Pro for Unlimited Sites. After you enable Multisite Networking, with s2Member Framework and Pro active, navigate to s2Member → Multisite (Config) in the Dashboard on your Main Site.


NOTICE: For help with s2Member Pro, please use our forum.

Is s2Member compatible with Multisite Networking?

Yes, s2Member Pro for Unlimited Sites is compatible with Multisite Networking. After you enable Multisite Networking, with s2Member Framework and Pro enabled, navigate to s2Member → Multisite (Config) in the Dashboard on your Main Site.

Where can I find more information?

Translating s2Member

Please see: http://s2member.com/r/translations/


8 Հուլիսի, 2022
I've been using s2Member for 9 years and finally have the opportunity to update the theme to Divi. While working on reformatting page designs, I noticed that some of the s2Member shortcode was not working. I reached out to support and within an hour, Cristián responded. He gave some suggestions. It took about 3 back and forth emails to nail down the solution. All of this took place in only a few hours. Amazing support of a high-end plugin and much appreciated. This is one of the reasons I stick with s2Member. Support has always been great! Thanks Cristián!
19 Մայիսի, 2022
After I have installed this plugin, it was looking good and the functionality of the plugin was great. But for some reason, I was having a problem logging in with my sidebar login menu. At first, I was not sure why then my user contacted me and told me that they can not log in and were having errors. After I deactivate this plugin the error went away and the user was able to log in with no problems.
20 Ապրիլի, 2022
This membership plugin does a lot and has many, many configuration options to achieve whatever you want. Cristian went out of his way and helped me diagnose a problem restricting part of another plugin. I received extremely quick and reliable support.
1 Փետրվարի, 2022
I am not sure what some of the users here have been doing but I have built with most Membership plugins and literally dozens using S2 Pro and I can tell you, bar none it is the best of all of them. Extremely powerful, anything you might want to do it can do. There is a strong S2 Member community forum with all the answers you might need, a pool of skilled developers and the S2 pro deal is the software deal of a lifetime. php scripting anyone!! Given the huge power and value of S2 Pro for literally almost peanuts it's unrealistic to expect "on call support" but there is support, and really you won't need it, the plugin is extremely well documented inside Wordpress admin and there is all the information you might need in the free community website. The same developers do their own cache plugin works works perfectly with S2 pro called comet cache ( another excellent deal), I highly recommend you try it out, my thanks go to the S2 developers for their fine software
2 Հոկտեմբերի, 2021
I bought S2Member a few weeks ago thinking this would solve my issue of providing memberships on my website. Unfortunately, this plugin is incredibly limited. There's no cart integration which means you're stuck forcing users to purchase your subscriptions separately from other products/services you might have available. On top of that, S2Member is incapable of minifying it's JavaScript files. This is something minor when it comes to SEO, but the fact that it causes the issue without any indication down the road it will be a priority. Lastly, I emailed them (because it's the only way to contact them) to ask for a refund. It's been a month and I haven't gotten a response. I'm not sure why it's ratings are so high in the first place.
Read all 204 reviews

Contributors & Developers

“s2Member” is open source software. The following people have contributed to this plugin.


“s2Member” has been translated into 2 locales. Thank you to the translators for their contributions.

Translate “s2Member” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.



  • (Pro) UI Enhancement: In ClickBank Options admin page, added note about keeping IPN encryption disabled.

  • (Pro) Enhancement: Removed ClickBank’s name from the notify, return, and success URLs, replaced with just cb. Kudos to Eduardo for telling me about this. See thread 9910

  • (Pro) Enhancement: Added a PayPal payment request ID to help prevent random/rare PayPal duplicate charges. Kudos to Nathan for his help. See thread 7999

  • (Framework) UI Enhancement: Admin page panels widened for larger displays.

  • (Framework) UI Enhancement: Simplified Getting Started and Getting Help admin pages.

  • (Framework) UI Enhancement: In PayPal Options admin page, updated paths and links to PayPal settings.

  • (Framework) Bug Fix: Removed the Security Badge’s link to the old Flash powered page on s2Member’s site.

  • (Pro) UI Enhancement: Small improvements to the Pro upgrader.


  • (Framework) Enhancement: New current_user_days_to_eot_less_than function for conditionals. Useful when you want to show a message to a user on his last days of access before the EOT time in his profile. E.g. [s2If current_user_days_to_eot_less_than(31)]Please renew your membership[/s2If]. Kudos to Felix for his help, see post 6783.


  • (Framework & Pro) Enhancement: Improved PHP compatibility to 8.1.

  • (Framework) UI Fix: More Updates link fixed.


  • (Framework) Enhancement: New current_user_gateway_is function for conditionals. Useful for sites using more than one gateway. E.g. [s2If current_user_gateway_is(stripe)] ...

  • (Pro) UI Fix: Removed “Image Branding” setting from s2’s Stripe options, not used in current integration.


  • (s2Member Framework & Pro) UI Enhancement: Started improving the admin interface. Lightened up the colors, and changed the layout a little bit.

  • (s2Member Framework) UI Enhancement: Added title tag to buttons to manage custom profile fields in admin, to improve use with screen-reader. Thread 8836

  • (s2Member Pro) UI Fix: Fixed typo in pro-form rrt attribute description. Issue 1204

  • (s2Member Framework) Bug Fix: Registration Date sometimes wasn’t formatted correctly with the s2Get shortcode. Thread 8730


  • (s2Member Pro) Enhancement: In the Stripe integration, cancelling a subscription in the last minutes of a period, may cause the invoice for the new period to remain there and still be charged later. Now s2Member Pro attempts to find a draft or open invoice for the subscription being cancelled, and void it. Thanks Alan for reporting it. See post 8386.

  • (s2Member Pro) UI Enhancement: Improved Stripe pro-form error message when trying to create a subscription with a bad card. Thanks everyone that reported it. See issue #1184, post 6043, and post 8386.

  • (s2Member Pro) Enhancement: Added the new action hooks ws_plugin__s2member_pro_before_stripe_notify_event_switch and ws_plugin__s2member_pro_after_stripe_notify_event_switch in the Stripe endpoint to allow customizations, e.g. new event handlers.

  • (s2Member Pro) UI Fix: Removed some leftover mentions of Bitcoin support in Stripe’s options.

  • (s2Member Pro) UI Fix: Removed a couple of deprecated shortcode attributes from the documentation for Stripe’s pro-form, leftovers from the old integration. Kudos to Debbie for bringing my attention to them. See post 8053.

  • (s2Member Framework) UI Fix: Fixed some broken links and video players in the admin pages.

  • (s2Member Framework) Bug Fix: Resolved a warning given when changing users role in bulk from the WP Admin > Users page.

  • (s2Member Server Scanner) Bug Fix: Updated the Server Scanner to remove some outdated warnings.


  • (s2Member Framework) Bug Fix: View Password icon WP’s login page was not displaying correctly. Kudos to Beee4life for reporting it. See issue #1187

  • (s2Member Framework and Pro) Enhancement: Refactored PHP’s deprecated create_function with anonymous functions. Kudos to Berry for reporting it, see post 6069

  • (s2Member Framework) Bug Fix: Added a check for empty return variable before trying to use it in paypal-utilities.inc.php.

  • (s2Member Framework) Bug Fix: Added checks for undefined indexes before trying to use them in paypal-return-in-subscr-or-wa-w-level.inc.php.

  • (s2Member Framework) Bug Fix: Added a check for undefined index before using it to define a couple of s2 constants. Kudos to Berry for reporting it, see post 8181

  • (s2Member Pro) Bug Fix: s2’s payment notification when creating a Stripe subscription, was being sent twice. Added a check to ignore the webhook for the subscription’s on-session first payment; s2’s webhook endpoint is for off-session events.

  • (s2Member Framework) Enhancement: Added a new hook for the payment notification on subscription creation or buy now payments.

  • (s2Member Pro) Bug Fix: Stripe paid trials were accumulating on failed payment attempts, causing a larger charge when it finally succeeded. Kudos to Alan for his help through the many attempts to fix this one, see post 7002.

  • (s2Member Pro) Enhancement: Stripe duplicate payments were happening randomly to a few site owners, apparently from bad communication between their server and Stripe’s. Added idempotency to prevent duplicates. Kudos to Alan and everyone in the forum that reported and gave details on this behavior, see post 7002


  • (s2Member Pro) Enhancement: Added “Powered by Stripe” to Stripe pro-form’s payment card field. Kudos to Josh, see post 6716.

  • (s2Member Pro) Bug Fix: Stripe subscription cancellations were not happening when they should. This release updates the API integration for it and fixes that behavior. Kudos to Matt for reporting it, see post 6909.

  • (s2Member Pro) Bug Fix: Updating the card with Stripe’s pro-form sometimes gave an incorrect “missing billing method” error. Kudos to Corey, see post 7058.

  • (s2Member Pro) Small fix: Removed Bitcoin mention next to Stripe in Gateways list. Missed it in v191022.


  • (s2Member Pro) Bug Fix: In some rare cases, another plugin loaded Stripe’s class before s2Member, so when s2 tried loading it there’d be an error. This release fixes the check for the class before trying to load it. See issue #1170

    Note: s2Member won’t have control over what version of the Stripe SDK was loaded by the other plugin. You’ll need to get that other plugin to have an up-to-date version. If you don’t have another plugin loading Stripe, this is not relevant to you.

  • (s2Member Pro) Bug Fix: When using a 100% off coupon, requiring no payment, the Stripe pro-form was still loading the card field and requiring it, preventing the free signup. That’s fixed in this release. See issue #1171

  • (s2Member Pro) Bug Fix: The Stripe pro-form, when given an invalid card, didn’t give a clear error message for it, and instead just “invalid parameter”. Now it shows the correct card error, making it possible for the customer to try a different card to complete the payment.

  • (s2Member Pro) Feature Update: The Indian Rupee was added to the list of currency symbols.

  • (s2Member Pro) Feature Enhancement: The s2Member Pro add-on, not being a regular plugin was not uploadable via the WP plugin manager. This made it necessary to FTP, which is complicated for some site owners. In this release I made it possible for the plugin manager to upload or remove the Pro add-on.

    Note: It still is not a regular plugin. The activation link or status in the plugins manager is irrelevant, but I couldn’t find how to remove it. s2Member Pro activates automatically when its version matches the Framework’s, and it’ll be mentioned next to the Framework’s version in the plugins manager.


  • (s2Member Pro) Feature Enhancement: The Stripe pro-forms can now handle 3D Secure 2 for Strong Customer Authentication, as required by the new European regulation that came into effect recently. Props to those in the beta testing group, especially Brice and Felix. See thread 5585.

  • (s2Member Pro) Feature Enhancement: The Stripe pro-form now has the card field inline, instead of opening a modal to enter it. Before it required clicking the link to open the modal, enter the card details, submit that, and then submit the pro-form. Now you enter the card details as part of the pro-form. See issue #588.

  • (s2Member Pro) Stripe Integration Updates: Upgraded the Stripe PHP SDK from v1.18 to v7.4.0, and the API from 2015-07-13 to 2019-10-08. Upgraded the integration from the Charges API to the latest Payment Intents API. Upgraded the card input from the old Stripe Checkout modal, to the new Stripe.js and Elements.

  • (s2Member Pro) Optimization: Stripe’s JavaScript now only gets included if the page has a Stripe pro-form.

  • (s2Member Pro) Removed Stripe Bitcoin: Stripe dropped Bitcoin last year, it’s not available anymore. This update removes the Bitcoin options and mentions from the s2 admin pages.

  • (s2Member Pro) Bug Fix: Subscriptions without at trial were showing a “trialing” status in Stripe for the first period. This behavior has now been solved. It will only say trialing when you set a trial period (free or paid) in your Stripe pro-form shortcode. See issue #1052.

  • (s2Member Pro) Bug Fix: The Stripe pro-form installments via the rrt shortcode attribute were charging an extra payment before ending the subscription. There was an error in the time calculation for this. This is solved in this release. Props to Brice. See thread 5817.

  • (s2Member Pro) Bug Fix: Some payments through the Stripe pro-form were creating a new Stripe customer when the user was already a customer. The Stripe customer ID was not being saved correctly in the user’s profile. This is solved in this release. Props to demeritcowboy for reporting it.


  • (s2Member) PayPal Integration Update: PayPal deprecated the subscription modification button. Using the old possible values for this, now gives an error on PayPal’s site. This button has been removed from the PayPal Standard integration in s2Member. Props to Tim for reporting it, see forum thread 5861, and issue #1157.

  • (s2Member) Bug Fix: PayPal would sometimes return the customer without the Custom Value expected by s2Member, incorrectly triggering an error. A small delay has now been added when needed to wait for PayPal to provide the missing value, so that the customer is met with the correct success message on return. Props to Josh Hartman for his help. See forum thread 5250.

  • (s2Member) Bug Fix: Google’s URL shortening service has been discontinued. The s2Member integration with it was removed in this release. Props to Felix Hartmann for reporting it.

  • (s2Member) Feature Enhancement: The popular URL shortening services have been abused in spam emails, and this can cause your site’s emails with shortened signup URLs to end up in the spam folder. It’s now possible to disable URL shortening when trying to avoid this problem. Props to Felix Hartmann for suggesting it. See forum thread 5697.

  • (s2Member Pro) New Feature: It is now possible to use a custom URL shortener other than the defaults in the s2Member Framework. This is particularly useful to use YOURLS for your links, making them unique to your site, looking more professional and avoiding the spam filters issue mentioned above. For more info see this forum post.


  • (s2Member Pro) Authorize.Net Hash Upgrade: Authorize.Net announced the end-of-life for their MD5 Hash in favor of their new SHA512 Signature Key. Support for this has been added to s2Member Pro. The MD5 Hash is not provided by Authorize.Net any more, so the field for it in s2Member has been disabled. Props @krumch for his work. For further details see forum thread 5514.

    Note: For those that already used the MD5 Hash in their configuration, it is kept there and will keep working while Authorize.Net accepts it, which will not be much longer. It’s important to update your integration with the new Signature Key. Once you have your Signature Key in the s2Member configuration, it will be favored over the old MD5 Hash._

  • (s2Member Pro) Bug Fix: The multisite patch for wp-admin/user_new.php wasn’t finding the code to replace because of changes in the latest releases of WordPress. It has now been updated, as well as the instructions in the Dashboard for those that prefer to apply it manually. Props @crazycoolcam for reporting it. For further details see Issue #1132.

    Note: If you already had patched this file in the past, it’s recommended that you remove the previous patch restoring it to the original file, and let s2Member Pro patch it again now, otherwise you risk getting it patched over the previous one and ending up with errors. After the new patch, please review that file to verify that it’s correct._

  • (s2Member Pro) Bug Fix: The search results for s2Member-List were not being ordered as specified in the orderby attribute when this was a field from the usermeta table in the database, e.g. first_name, last_name. This is now fixed and working correctly. Props to @stevenwolock for reporting it. For further details see Issue #1103.

  • (s2Member) WP 5.2 Compat. Enhancement: s2Member has been tested with WP up to 5.2.2-alpha. With WP_DEBUG enabled, only one “notice” was found. In wp-login.php it said ‘login_headertitle is deprecated since version 5.2.0! Use login_headertext instead.’ This release now uses login_headertext and doesn’t get that notice anymore. Props Azunga for reporting it. See forum thread 5962.


  • (s2Member/s2Member Pro) PayPal IPN Compatibility: This release includes an updated PayPal IPN handler that is capable of reading number-suffixed IPN variables that are now being sent by PayPal’s IPN system in some cases, for some customers. We strongly encourage all site owners to upgrade to this release as soon as possible, particularly if you’re using PayPal to process transactions. Props @openmtbmap and @patdumond for reporting. See: Issue #1112


  • (s2Member/s2Member Pro) PHP v7 Compat. Enhancements: This release adds an integration with the Defuse encryption library for PHP, making it possible for s2Member to move away from the mcrypt_*() family of functions in versions of PHP >= 7.0.4, where the mcrypt library has been deprecated — mcrypt_*() will eventually be removed entirely.

    Starting with this release of s2Member, if you’re running s2Member on PHP v7.0.4+, the Defuse library will be used automatically instead of mcrypt. See Issue #1079.

    Note: Backward compatibility with mcrypt functions will remain for now, especially for the decryption of any data that was previously encrypted using RIJNDAEL-256; i.e., data encrypted by a previous release of the s2Member software. s2Member is capable of automatically determining the algorithm originally used to encrypt, which allows it to decrypt data using Defuse, else RIJNDAEL-256, else XOR as a last-ditch fallback.

    API Functions: s2member_encrypt() & s2member_decrypt(). These two API Functions provided by s2Member are impacted by this change. Starting with this release, if you’re running s2Member on PHP v7.0.4+, the Defuse library is used automatically instead of the older mcrypt extension. Not to worry though; the s2member_decrypt() function is still capable of decrypting data encrypted by previous versions of the s2Member software.

  • (s2Member/s2Member Pro) UI Fix: All menu page notices should be given the notice class and the additional notice-[type] class instead of the older generic updated and error classes. Fixed in this release. Related to Issue #1034

  • (s2Member/s2Member Pro) UI Fix: Plugins displaying Dashboard-wide notices using the older updated and error classes should be handled better to avoid displaying them below the s2Member header (on s2Member menu pages) and with non-default WordPress styles. See: Issue #1034

  • (s2Member/s2Member Pro) UI Fix: Improving color highlighting in input fields following a media library insertion; e.g., when adding a custom logo to the login/registration page.

  • (s2Member Pro) Bug Fix: Merchants using PayPal Pro (Payflow Edition) to charge a fixed non-recurring fee following an initial 100% free trial period, were seeing their member accounts EOTd after the trial ended, instead of the EOT Time being set to the end of the fixed term period. Props @patdumond, James Hall, and many others for reporting this in the forums and at GitHub. See Issue #1077.

  • (s2Member Pro) Bug Fix: Updating PHP syntax in Simple Export tool, for compatibility w/ modern versions of PHP. Props @patdumond for reporting and helping us locate the underlying cause of this problem. See Issue #1055.

  • (s2Member Pro) Stripe Bug Fix: This releases corrects a seemingly rare conflict between s2Member and Stripe on certain mobile devices and in certain scenarios. In a case we examined, there was a problematic CSS z-index setting in the s2Member source code that was, at times, causing problems in the stacking order, which resulted in a user’s inability to enter details into the Stripe popup form. In this release, s2Member’s customization of the z-index stacking order has been removed entirely, as it is no longer necessary in the latest revision of the Stripe popup, which already handles z-index adequately. Props @jaspuduf for reporting and for helping us diagnose the problem. See Issue #1057.

  • (s2Member/s2Member Pro) Security Enhancement: This release removes the %%user_pass%% Replacement Code from the API Registration Notification email that is sent to a site owner; i.e., when/if it is configured by a site owner. Props @patdumond see Issue #954. This Replacement Code was removed as a security precaution.

  • (s2Member/s2Member Pro) Bug Fix: Resolving internal warning: ‘PHP Warning: Parameter 2 to c_ws_plugin__s2member_querys::_query_level_access_coms() expected to be a reference, value given’. This was resolved by removing the strict ‘by reference’ requirement from the list of parameters requested by s2Member.

  • (s2Member/s2Member Pro) Bug Fix: Resolving internal warning: ‘PHP Warning: Illegal string offset ‘user_id’ in s2member/src/includes/classes/sc-eots-in.inc.php’. This was resolved by typecasting $attr to an array in cases where WordPress core passes this as a string; e.g., when there are no attributes.

  • (s2Member Pro) Bug Fix: Incorrect default option value for reject_prepaid="" attribute in Stripe Pro-Forms. See: Issue #1089


  • (s2Member/s2Member Pro) JW Player v7: This release adds support for JW Player v7 in the [s2Stream /] shortcode. See Issue #774.

  • (s2Member Pro) Bug Fix: Allow Pro-Forms to use success="%%sp_access_url%%" without issue. See Issue #1024.

  • (s2Member/s2Member Pro) AWS Region: Adding AWS region ap-northeast-2. See Issue #1033.

  • (s2Member/s2Member Pro) AWS Region: Adding AWS region eu-west-2. See Issue #1033.

  • (s2Member) Bug Fix: This release corrects a minor server-side validation bug that was related to the use of non-personal email address. See Thread #1195 and Issue #1054.

  • (s2Member) Bug Fix: Updated several outdated links within the software; e.g., removing older www. references, correcting forum links, and more. Also corrected missing changelog. See Issue #1027.

  • (s2Member Pro) Pro Upgrader: The pro upgrader has been refactored and now asks for your s2Member Pro License Key instead of your s2Member.com password. The next time you upgrade to the most recent version of s2Member Pro, you will be asked for your License Key. You can obtain your License Key by logging into your account at s2Member.com. Once logged in, visit your ‘My Account’ page, where you will find your License Key right at the top. See Issue #668.

  • (s2Member/s2Member Pro) CloudFlare Compat.: Enhancing compatibility with Rocket Loader via data-cfasync="false" on dynamic s2Member scripts. See: Issue #1038.


  • (s2Member Pro) Bug Fix: Stripe refund notifications via the Stripe Webhook were always interpreted by s2Member as full refunds. This release corrects this bug so that s2Member will handle partial refunds via the Stripe API properly in all cases. Props @raamdev for reporting.

  • (s2Member/s2Member Pro) Bug Fix: Updating profile via [s2Member-Profile /] when changing email addresses may leave the old email address on configured email list servers in some scenarios. Props @renzms for reporting. For further details see issue #1007.

  • (s2Member/s2Member Pro) SSL Compatibility & Option Deprecation: In previous versions of s2Member there was a setting in the UI that allowed you to force non-SSL redirects to the Login Welcome Page. By popular demand, this setting has been deprecated and removed from the UI.

    New Approach: The new approach taken in the latest release of s2Member is to automatically detect when a non-SSL redirection should occur, and when it should not occur (i.e., when the default WordPress core behavior should remain as-is).

    s2Member does this by looking at the FORCE_SSL_LOGIN and FORCE_SSL_ADMIN settings in WordPress, and also at your configured siteurl option in WordPress. If you are not forcing SSL logins, or your siteurl begins with https:// (indicating that your entire site is served over SSL), non-SSL redirects will no longer be forced by s2Member, which resolves problems on many sites that serve their entire site over SSL (a growing trend over the past couple years).

    Conversely, if FORCE_SSL_LOGIN or FORCE_SSL_ADMIN are true, and your configured siteurl option in WordPress does NOT begin with https:// (e.g., just plain http://), then a non-SSL redirect is forced, as necessary, in order to avoid login cookie conflicts; i.e., the old behavior is preserved by this automatic detection.

    Overall, this new approach improves compatibility with WordPress core, particularly on sites that serve all of their pages over https:// (as recommended by Google).

    Backward Compatibility: As noted previously, the old option that allowed you to configure s2Member to force non-SSL redirects to the Login Welcome Page has been officially deprecated and removed from the UI. However, the old option does still exist internally, but only for backward compatibility. A WordPress filter is exposed that allows developers to alter the old setting if necessary. You can use the filter to force a true or false value.

    add_filter('ws_plugin__s2member_login_redirection_always_http', '__return_true');
    // OR add_filter('ws_plugin__s2member_login_redirection_always_http', '__return_false');

  • (s2Member/s2Member Pro) Bug Fix: Username/password email being sent to users whenever Custom Passwords are enabled in your s2Member configuration and registration occurs via the default wp-login.php?action=register form. Fixed in this release. See also: issue #870 if you’d like additional details.

  • (s2Member Pro) Bug Fix: In the [s2Member-List /] search box shortcode an empty action="" attribute produces a warning due to invalid syntax in HTML v5. Fixed in this release. See Issue #1006

  • (s2Member/s2Member Pro) IP Detection: This release improves s2Member’s ability to determine the current user’s IP address. s2Member now searches through HTTP_CF_CONNECTING_IP, HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_X_CLUSTER_CLIENT_IP, HTTP_FORWARDED_FOR, HTTP_FORWARDED, HTTP_VIA, and REMOTE_ADDR (in that order) to locate the first valid public IP address. Either IPv4 or IPv6. Among other things, this improves s2Member’s compatibility with sites using CloudFlare. See also: issue #526 if you’d like additional details.

  • (s2Member Pro) JSON API: In the pro version it is now possible to use the s2Member Pro Remote Operations API to send and receive JSON input/output. This makes the Remote Operations API in s2Member compatible with a variety of scripting languages, not just PHP; i.e., prior to this release the Remote Operations API required that you always use PHP’s serialize() and unserialize() functions when making API calls. The use of serialize() and unserialize() are no longer a requirement since input/output data is now sent and received in the more portable JSON format. For new code samples, please see: Dashboard → s2Member → API / Scripting → Pro API For Remote Operations. See also: issue #987 if you’d like additional details on this change.

    Note: The old s2Member Pro Remote Operations API has been deprecated but will continue to function just like before (via serialize() and unserialize()) for the foreseeable future. Moving forward, we recommend the new JSON code samples. Again, you will find those under: Dashboard → s2Member → API / Scripting → Pro API For Remote Operations

  • (s2Member/s2Member Pro) Enforce data types when determining PHP constants. See this GitHub issue if you’d like further details.

  • (s2Member/s2Member Pro) Phing Build Routines: Starting with this release, developers working on the s2Member project are now able to perform builds of the software via the websharks/phings project; i.e., the structure of the plugin directories has been changed (slightly) to conform to Phing and PSR4 standards. This makes it easier for our developers to prepare and release new versions of the software in the future.


  • (s2Member/s2Member Pro) WP v4.6 Compatibility. A full round of tests was performed against this release of s2Member, s2Member Pro, and the upcoming release of WordPress v4.6. In particular, the new HTTP API needed testing, along with the new optimized loading sequence in WordPress v4.6. Our tests indicate there are no compatibility issues, and we therefore encourage all s2Member site owners to upgrade to WordPress v4.6 whenever it becomes available publicly.

  • (s2Member/s2Member Pro) Bug Fix: Allow for < and > to work in the [s2If php="" /] shortcode attribute as expected. Some Visual Editors convert these into &lt; and &gt;, so it’s necessary to interpret them as such whenever the shortcode is parsed by s2Member.

  • (s2Member/s2Member Pro) JS API: Reducing the number of variables provided by the s2Member JavaScript API by default, and adding a new filter that allows them to all be enabled when/if desirable: ws_plugin__s2member_js_api_constants_enable. Props @JeffStarr for reporting.


  • (s2Member/s2Member Pro) Security Enhancement: This release forces CURLOPT_SSL_VERIFYPEER to a value of TRUE in the AWeber SDK that is used when/if you integrate with AWeber. In short, this forces AWeber to have a valid/verifiable SSL certificate before any data is exchanged between s2Member and the AWeber API behind-the-scenes. Props at WordPress security team for reporting this.


  • (s2Member/s2Member Pro) PHP Compat./Bug Fix: This follow-up release includes a patch that will prevent fatal errors when s2Member and/or s2Member Pro are installed on a site running PHP v5.2 or PHP v5.3; i.e., this release corrects a bug that was causing fatal errors on these older versions of PHP. Note that s2Member and s2Member Pro are once again compatible with PHP v5.2+, up to PHP v7.0. Props @krumch. See also: this GitHub issue for details.


  • (s2Member/s2Member Pro) WP v4.5 Compatibility. This release offers full compatibility with the latest release of WordPress v4.5. Nothing major was changed for standard WordPress installations, but there were a few subtle tweaks here and there to improve v4.5 compatibility. We encourage all users to upgrade right away.

    NOTE: WP v4.5 for Multisite Networks running s2Member Pro: This release corrects a bug first introduced in the previous release of s2Member Pro that resulted in an error message (Uncaught Error: Class 'c_ws_plugin__s2member_mms_patches' not found) when updating to WP v4.5. It has been corrected in this release, but in order to avoid this problem altogether please follow this procedure when upgrading WordPress.

    WP v4.5 Multisite Upgrade Procedure:

    • Upgrade s2Member and s2Member Pro ​before​ updating WordPress core.
    • Then upgrade WordPress core and observe that Multisite Patches are applied properly.

    If you have already upgraded to WP v4.5 and worked past this issue by patching manually, that’s fine. You can still upgrade s2Member and s2Member Pro. After the upgrade you may feel free to enable automatic patching again if that’s desirable.

  • (s2Member/s2Member Pro) Bug Fix: This release corrects a bug first introduced in the previous release which was causing a PHP warning about cf_stream_extn_resource_exclusions. A symptom was to have mysterious problems with [s2Stream /] or the [s2File /] shortcode. Fixed in this release. Props at @raamdev @renzms for reporting. See also this GitHub issue for details.

  • (s2Member/s2Member Pro) PayPal SSL Compatibility: This release of s2Member provides an https:// IPN URL for PayPal IPN integrations. It also provides a helpful note (in the Dashboard) about a new requirement that PayPal has with respect to the IPN URL that you configure at PayPal.com. s2Member has been updated to help you with this new requirement.

    New PayPal.com IPN Requirement: PayPal.com is now requiring any new IPN URL that you configure to be entered as an https:// URL; i.e., if you log into your PayPal.com account and try to configure a brand new IPN URL, that URL must use https://. PayPal.com will refuse it otherwise.

    However, the notify_url= parameter in standard PayPal buttons should continue to work with either http:// or https://, and any existing configurations out there that still use an http:// IPN URL should continue to work as well. So this is about planning for the future. We have been told that PayPal will eventually require that all IPN URLs use an https:// protocol; i.e., they will eventually stop supporting http:// IPN URLs altogether (at some point in the future), they are not giving anyone a date yet. For this reason we strongly suggest that you review the details given here.

    Since PayPal is moving in a direction that will eventually require all site owners to have an SSL certificate in the future, s2Member’s instructions (and the IPN URL it provides you with) will now be presented in the form of an https:// URL with additional details to help you through the process of configuring an IPN handler for PayPal.

    See: Dashboard → s2Member → PayPal Options → PayPal IPN Integration

    Props @codeforest for reporting. See this GitHub issue for further details.

  • (s2Member/s2Member Pro) Bug Fix: Email field on Registration page not shown as required via * symbol like other fields in this form. Caused by a change in WordPress core. Fixed in this release. Props @spottydog63 @renzms. See also: this GitHub issue for details.

  • (s2Member/s2Member Pro) Bug Fix: E_NOTICE level errors in cache handler when running in WP_DEBUG mode. Props at @KTS915 for reporting. Fixed in this release. See also: this GitHub issue.

  • (s2Member/s2Member Pro) i18n Compatibility: This release of s2Member moves the load_plugin_textdomain() call into the plugins_loaded hook instead of it being run on init. Props @KTS915 for reporting. See also: this GitHub issue for details.

  • (s2Member Pro) Multisite Patches: Fixed a bug (Uncaught Error: Class 'c_ws_plugin__s2member_mms_patches' not found) whenever WordPress was being updated and Multisite Patches were being applied in the pro version of s2Member. See: this GitHub issue for details.

  • (s2Member/s2Member Pro) Security Enhancement: This release of s2Member defaults PayPal Button Encryption to a value of on instead of off; i.e., there is a new default behavior. Existing s2Member installations are unaffected by this change, but if you install s2Member on a new site you will notice that (if using PayPal Buttons), Button Encryption will be enabled by default.

    Note that in order for Button Encryption to work, you must fill-in the API credentials for s2Member under: Dashboard → s2Member → PayPal Options → PayPal Account Details


  • (s2Member/s2Member Pro) Comet Cache Compat.: This release improves compatibility with Comet Cache (formerly ZenCache), whenever you have it configured to cache logged-in users. See also: this GitHub issue. Props @KTS915 for reporting!

  • (s2Member Pro) ClickBank IPN v6 Compat.: Version 6 of the ClickBank IPN system was recently updated in a way that causes it to return transactionType = CANCEL-TEST-REBILL in test mode, instead of the previous value, which was: TEST_CANCEL-REBILL. s2Member Pro has been updated to understand either/or. See also this GitHub issue for further details.

  • (s2Member Pro) Stripe Bug Fix: This release corrects a bug caused by typos in the source code that were preventing refunds from being processed as expected whenever Stripe was integrated. Props @YearOfBenj for reporting this important issue. Props @patdumond for relaying vital information. See also this GitHub issue if you’d like additional details.

  • (s2Member Pro) PayPal Bug Fix: Under some conditions, the EOT behavior in s2Member Pro (when integrated with PayPal Pro) would immediately terminate access whenever a customer’s subscription naturally expires. Recent versions of the Payflow system set the status to EXPIRED, and this was handled as an immediate EOT instead of as a delayed EOT that is subject to date calculations to determine the correct date on which a customer should lose access; i.e., based on what they have already paid for. Fixed in this release. See also: this GitHub issue if you’d like additional details.

  • (s2Member Pro) One-Time Offer Bug Fix: This release corrects some inconsistencies in the One-Time Offers system that comes with s2Member Pro. Symptoms included seemingly unpredictable behavior whenever redirections were configured without a specific Membership Level. Props @jacobposey for reporting. See also: this GitHub issue if you’d like additional details.

  • (s2Member/s2Member Pro) Bug Fix: s2Member was not properly respecting DISALLOW_FILE_MODS in a specific scenario related to GZIP. Props @renzms @kristineds. See also: this GitHub issue for further details.

  • (s2Member,s2Member Pro) Bug Fix: Resolved a minor glitch in the WordPress Dashboard → Settings → General panel, where s2Member’s notice regarding Open Registration was inadvertently forcing the entire page into italics. Props @renzms @kristineds @raamdev ~ See also: this GitHub issue if you’d like additional details.

  • (s2Member/s2Member Pro) PayPal Sandbox: This release updates the inline documentation under the PayPal Account Settings section of s2Member. We now suggest that instead of enabling PayPal Sandbox Mode (sometimes buggy at best), that site owners run tests with low-dollar amounts against a live PayPal account instead; e.g., $0.01 test transactions in live mode work great also. See this GitHub issue if you’d like additional details. Props @raamdev for mentioning this again.


  • (s2Member,s2Member Pro) Bug Fix: Resolved a minor glitch in the WordPress Dashboard → Settings → General panel, where s2Member’s notice regarding Open Registration was inadvertently forcing the entire page into italics. Props @renzms @kristineds @raamdev ~ See also: this GitHub issue if you’d like additional details.

  • (s2Member) Multisite Support: This release of s2Member (the free version only) removes full support for Multisite Networks, which is now a Pro feature; i.e., only available in the Pro version.

    Is s2Member still compatible with WordPress Multisite Networking?

    Multisite support is no longer included in the s2Member Framework. However, it is available with s2Member Pro. s2Member Pro is compatible with Multisite Networking. After you enable Multisite Networking, install the s2Member Pro Add-On. Then, navigate to s2Member → Multisite (Config) in the Dashboard of your Main Site. You can learn more about s2Member Pro at s2Member.com.

    I was using the free version in a Multisite Network before. What happened?

    s2Member (when running on a Multisite Network) requires minor alterations in WordPress core that are not compatible with plugins available at WordPress.org (i.e., not allowed) at this time. For this reason, full support for Multisite Networks is now available only in the pro version.

    What if I already configured Multisite options on a site running the free version?

    If you already customized s2Member’s Multisite Network configuration options in a previous release, those settings will remain and still be functional over the short-term; i.e., the functionality that makes s2Member compatible with Multisite Networking is still included, even in the s2Member Framework. However, the routines that deal with core patches, and those that allow you to change Multisite options are no longer available. You will need to acquire the Pro version. Or, you can revert to a previous release. s2Member Framework v151218 is suggested if you go that route.

    See also: this GitHub issue for further details.


  • (s2Member Pro) Reminder Email Notification Exclusions: It is now possible to enable/disable EOT Renewal/Reminder Email notifications on a per-user basis. You can edit a user’s profile in the WP Dashboard and check “No (exclude)” to prevent specific users from receiving any reminder emails that you configured. Props at @patdumond @luisrock. See also this GitHub issue.

  • (s2Member) PHP v7 Compat.: This release addresses one remaining issue with the preg_replace /e modifier as reported in this GitHub issue. Props @nerdworker for reporting. Thanks!

  • (s2Member/s2Member Pro) WP v4.4 Compat.: This release corrects an issue that impacted sites attempting to run s2Member on a Multisite Network; i.e., it corrects a problem with the load.php patch against the latest release of WordPress. Props @crazycoolcam for reporting! See also this GitHub issue.

  • (s2Member/s2Member Pro) Getting Help: This release adds a new menu page titled, “Getting Help w/ s2Member”. This new section of your Dashboard provides quick & easy access to s2Member KB articles, suggestions, and our tech support department (for pro customers). Props @patdumond @raamdev. See also this GitHub issue.

For older Changelog entries, please see the changelog.md file.