This setting determines whether or not your site will allow you to use the autologin feature. The Autologin feature is inherently less secure because it replaces the user’s password with a simple number which can be easily brute-forced or guessed. Once someone obtains the Contact Id and the user’s email address they can continue to access the account even if the user changes the password.

Continue Reading...

When installing on WP Engine, you will need to contact WP Engine support and request that they turn off the “redirect_bots” setting, and purge the cache. If this setting is not disabled, then it will not be possible to send HTTP POSTs to your app, as the WP Engine server will intercept and stop them from succeeding. You’ll need to send a support ticket to WP Engine Support and ask them to allow your posts to contain variables.

Continue Reading...