Content locking

Hi all. I have a client that wants to have their product literature only available to users that fill out a short form on their site before being granted access. They are fine with having the user register, but they don’t want it to be a long and drawn out process where they have to wait for an email with a password, etc. They mostly want to do this so they can see who downloaded what from their site so that their sales team can follow up with them. Any thoughts on stacks or add-ons that would work for this?

hi @AstraeaMarketing,

There are a couple of solutions that allow for user registration and content locking for unregistered users. But to my knowledge, all of them require the user to confirm their email address, so I take it those are out of the question.

One solution that I can think of, is (ab)using the contact form: with a bit of code, you could have the standard RW contact form forward the user to a page upon completion. That page could then hold the content that you’d share with registered users only.

It works like this:

  1. Set up a contact form page the way you like it, with only the fields you’d require for registration
  2. In the box “Email Sent Feedback” in the Contact Form’s settings, enter this bit of HTML:
<meta http-equiv="refresh" content="0; URL='https://yourdomain.tld/unlockedcontent'"/>

… where “https://yourdomain.tld/unlocked-content” is the page that you’d put the content on that you only want to show to your registered visitors.

Now, when a visitor fills in all the required fields and hits “submit”, he’ll be forwarded to your page that has the special content on it.



Thanks to Will Woodgate’s Knowledgebase for the forwarding tip

The problem with the forwarding method is that once the URL is out there you can’t stop it being passed around so really all depends how secure things need to be. If tight security is required then a password is the only way. You could create a Sitelok members area where users sign up themselves, creating their own password. This would have other advantages also such as mailing all members or splitting them into tiers. Buy Membership Software and Systems Online UK | Vibralogix

I think a simple Sitelok registration form collecting the name and email is all that is needed as manofdogz said. This can auto-login the user to the content page so they won’t even see a login form unless you want that. I can help set that up. If you have any questions contact me directly via my Contact form.


1 Like

Thanks, Erwin. That seems like a very easy and simple solution that my client might be okay with. They also want to be able to track exactly what files each user downloads but I think that is not something easily or inexpensively accomplished. I will propose what you suggested to them for the data collection and access and see what they think.

Adrian, thanks for this. I did look at Sitlok but it seemed to be overkill for what they wanted to do. But along with Erwin’s solution, it can’t hurt for me to show my client this as well and let them decide. As I mentioned to Erwin, they ideally would like to know exactly what files each user downloads but I don’t see any easy or inexpensive solution for doing that.

Tracking downloads per user is not possible with standard RapidWeaver. Sure, you can put a counter on the page that contains the download, but that still wont enable you to pinpoint who downloaded the file.

For that, I’d refer you to the excellent Vibralogix Sitelok and enhance that with Joe Workman’s Sitelok stack set. Joe’s set includes a stack that allows your to disclose files for downloading after the user logged in through Sitelok itself.

The hard work is done by Sitelok itself, which is a separate PHP application that you install on your server (it’s not hard, check the video on their site to see how that’s done). Sitelok maintains a database of your users and allows you to manage who has access to what using groups wich contain privileges to pages, files or contents on site (that’d otherwise be hidden).

Joe’s extension (confusingly also called Sitelok) is a set of stacks that makes working with Vibralogix’ Sitelok within RapidWeaver much easier and allows specific features on your RapidWeaver built sites. To be clear: Joe’s Sitelok only works when you have Vibralogix’ Sitelok installed.

The downside (well, in your case) is that the user does need to complete a registration process, including confirming the registered email address, which goes against one of the the acceptance criteria that your customer listed.

Perhaps Adrian (tagging @vibralogix) has a way around users having to confirm their email address after registration?

And if not, sometimes it’s perfectly OK to tell a customer that confirming email addresses is just the best way to go for security reasons. It’ll be hard to argue with that.


Sitelok registration can be set to not require any email confirmation and can auto-login the user. This way the user doesn’t even need to see the form as registration really and will get instant access to the content. If you use the secure Sitelok download links then these will prevent sharing of the links and will also log each download (username, IP etc). If yoy would like to try anything out just let me know.


1 Like

Thanks, Erwin. It definitely sounds like Sitelok will be the way to go. Especially since Adrian at @vibralogix says that it can be set up to NOT require email verification. Definitely want to try this out and put together a demo page for my client to show them how it will work. Their sales team will be thrilled to know that we can track what each user downloaded so they can follow up on those topics accordingly.

This specific client need aside … Sitelok is one of the best tools you can have in your toolkit. It does so many things well. Once you become familiar with Sitelok you’ll discover all sorts of other ways it could benefit current and future clients, even yourself. One of the best pieces of software I’ve purchased over the past 20 years. First rate all around.

Joe’s Sitelok stacks are quite nice, but they don’t add any functionality. What they offer is the ability to more quickly and flawlessly implement Sitelok. The stacks have been worth it for me over a long period of time. But adding all the needed code for Sitelok within RW is also very very doable and probably the smarter way to do things if you are only using Sitelok for a few pages. So not purchasing the stacks will save you $40 now.

… but purchasing Sitelok proper (i.e. not the Stacks) is an investment, not a cost.

1 Like

Matthew, thanks for this info. I love plug and play solutions and avoid coding whenever I can (I’m an artist/creative director first and web designer second). With all I have seen here in this thread, I do believe Sitelok will be the way to go and definitely plan to look into it further.

I primarily create course websites that need protection: thus using Sitelok. These websites have pages and subpages. And sometimes sub-sub-pages. Depending on where you are in the hierarchy of the website the code you use to implement Sitelok protection is just a wee bit different. I would always add the Sitelok code at the last moment to they typical 30-40 pages I had in a site. It was here, when using the regular coding approach, that I would make mistakes. My own fault, working under a deadline. So Joe’s stacks were helpful in this situation: easily worth the $40 over time so I didn’t need to worry about last minute mistakes by me. If I was applying Sitelok to 1-3 pages I would just use the very simple coding approach.

I did think through this reply before posting. It does NOT offer a solution, but some real-world experience advising a client with the same request.

I built my first website in 1995, so I’m pushing 3 decades of experience in this game.

My client (a multi-million dollar international industrial company) insisted on the same thing: no access to literature unless a contact form was filled out first. They had no idea what permission marketing is. (Google it, if you need to.)

I did as they asked, but repeatedly told them it was a serious mistake. They refused to listen, eventually so angrily that I was in fear of losing them as clients.

About 6 years in, I put a page counter on the required form page, and on the document download page (which was otherwise inaccessible.) Then I waited 6 months and gave them the results: 51% of the potential customers landing on the form page just left, and never made it to the documents page. They still didn’t care. They were happy to throw away half their customers! That was in 2017.

In 2021, I got a call from their marketing manager, asking me for help. He had just done the same test I did in 2017, and now the ghosting rate was up to a stunning 95%. Only 5 out of every 100 visitors agreed to the forced sales pitches.

The solution I proposed was straight out of Permission Marketing: put an optional form on the document download page, at the very top, saying, “If you’d like to learn more, we’d be happy to speak with you. Please fill in your phone number and name. To see our literature just scroll down.”

Now 100% of visitors get their literature, and sales shot up, because the people who left their name and number wanted to get the phone calls, instead of being forced into them. (The ‘Permission’ in Permission Marketing.)

“If you want to even learn about our product, you MUST take a sales pitch phone call from us…”

Yeah? How’s that working out for you?

[Of course fellow developers, “the client is always right”. I get that, and YMMV.]

I’m Just sayin’…


Absolutely 100% right! Love this.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.