As you probably know, Memberstack uses Javascript in the front end to prevent logged-out visitors for accessing gated pages and hidden elements. If Memberstack fails to load (javascript disabled, browser issue, etc.) then your content will not be hidden.
That said, you can follow these best practices below to ensure your site is as secure as possible.
- Never link directly from a public page to your gated content. Ideally, the only way a person can access gated content is by logging into their account and allowing Memberstack to redirect them. If you need to provide members with a link to access their content, you can use the data attribute
data-ms-action="login-redirect"
. That attribute will automatically populate with a member's login redirect if they are logged in. - Do not hide valuable content or links to members-only content using data-ms-content attributes.
- Make your URLs unguessable. This will prevent random visitors from landing on a page by mistake. For example,
/premium-299038902i3902n923n9023083/dashboard
- Remove/modify your sitemap so search engines and savy visitors can’t see what pages are available on your site. This is a best practice when using Memberstack anyway. Here's how to update your sitemap in Webflow.
If you do those 4 things, your site will be secured in the same way as Google Photos! Here’s one of my private photos to prove it.
Comments
0 comments
Please sign in to leave a comment.