Well I'm not exactly sure where the problem comes from amember or amProtect. Here is how I have it setup. I have the lastest ammeber, wordpress, and amprotect software installed. My amember installion is at a subdomain (it is located here and on a SSL, for security purposes) http://secure.mywebsite.com/amember/ .. All my protect areas and main website are located at http://mywebsite.com/ .. Problems that need solutions. 1. At login the user is redirected to http://secure.mywebsite.com/ but I want them to be redirected to http://secure.mywebsite.com/amember/member.php or just back to the main website http://mywebsite.com/ and protect areas. 2. Once they are logged in they can't access the protect areas because the redirect keeps redirecting them back to the http://secure.mywebsite.com/... For example. I have protected TheNews category on http://mywebsite.com/. and once the logged in user selects this it take them to the redirect> then to http://secure.mywebsite.com/2010/07/my-article/. It should take them directly to http://mywebsite.com/2010/07/my_article/. Where the actual protected areas are located. 3. Also once logged the widgets don't recognize that the user is logged at all. I had it all working fine until I moved my amember installation to a the subdomain http://secure.mywebsite.com/.. It seems like there is some code that is not redirecting the user correctly to the main domain where all the protect content is. Please help me solve this or direct where I can get some help??????
@ddcat: In my experience it is a bad idea to have aMember on a subdomain that is different than where the content is being protected. aMember on your root domain allows you to protect your root domain and any subdomains. (ie. http://mywebsite.com/amember can protect http://mywebsite.com and http://example.mywebsite.com) aMember on your subdomain should only protect that subdomain and not the root or any peer subdomains. (ie. http://example.mywebsite.com can protect http://example.mywebsite.com but should not protect http://mywebsite.com or http://test.mywebsite.com) This is not an issue of aMember, but a result of browser security and to prevent cross site scripting attacks.
Ok I understand I'm beginning to understand how this works. So please correct if I wrong here but it is best to install the ssl on the http://mydomain.com. then have it setup as follows. http://mydomain.com (content and protected content areas) https://mydomain.com/amember/ (ssl secure signup/login)