mermberfix logo x
Your Uncommonly Amazing WordPress Tech Partner
Work with us
mermberfix logo x
Membership plugins

Plugin Audit and Membership Access Fix for LEDES.org

Client Overview

LEDES™ (Legal Electronic Data Exchange Standard) Oversight Committee (LOC) is an international, voluntary, not-for-profit organization comprised of legal industry representatives. The LOC is dedicated to creating and maintaining open standard formats for the electronic exchange of billing and related information between corporations and law firms.

The organization operates LEDES.org, a membership website originally built with Paid Memberships Pro (PMPro).

Challenge

While LEDES.org had a lightweight tech stack and simple design, their members reported critical login issues:

  • Admins were locked out of the site
  • Members could not log in even with correct credentials.
  • Users were repeatedly locked out during login attempts.
  • Two-factor authentication (2FA) codes never reached inboxes.
  • Multiple reCAPTCHA boxes appeared on the login form.

These failures created major friction for the organization’s active members.

To help diagnose and repair these issues, LEDES engaged us for a comprehensive technical audit.

Audit Findings

During our investigation, we identified several underlying issues:

Login & Security Conflicts

  • Hosting-level 2FA and reCAPTCHA: Enabled by GoDaddy, conflicting with WordPress-based authentication.
  • Limit Login Attempts Reloaded (LLAR): A problematic plugin bundled by GoDaddy, installed as a “must-use” plugin that cannot be disabled through the WP dashboard. This plugin has a history of causing unnecessary login lockouts.
  • WP Content Copy Protection & No Right Click (premium): Incorrectly flagged users with Chrome/Firefox extensions as “hackers,” preventing them from logging in.
  • Solid Security Pro: Introduced an additional layer of 2FA, creating further conflicts.

Email Deliverability

  • SMTP email not configured: The site relied on GoDaddy’s PHP mailer, leading to 2FA codes and transactional emails not being reliably delivered to members.

Plugin Bloat

  • 27 active plugins at the time of audit. Many were unused or could be replaced by simple custom functions or CSS.
  • Residual database tables from previously uninstalled plugins, cluttering the system.

Hosting-Level Caching

  • GoDaddy enforced page caching across the site with no option to exclude membership pages, causing session and login inconsistencies.

Solution

Restoring Administrator Access

Even administrators were being locked out of the site. We managed to gain access by using MySQL to enable a 2FA grace period, thus bypassing the broken 2FA setup.

Email Deliverability

  • Configured SMTP (transactional email) for reliable email delivery of important system messages (e.g. login information, password reset emails, etc).
  • Recommended Brevo as a cost-effective solution (free plan covers up to 300 emails/day, sufficient for the organization’s needs).
  • Suggested AuthSMTP or AWS SES as scalable alternatives for future growth.

Login & Security Fixes

  • Disabled Limit Login Attempts Reloaded at the file system level (MU-plugins folder).
  • Removed unnecessary security layers from WP Content Copy Protection and Solid Security Pro.
  • Streamlined 2FA and reCAPTCHA setup to eliminate duplication.

Plugin Audit & Optimization

  • Reduced active plugins from 27 to 19 without losing functionality.
  • Cleaned residual database tables.
  • Replaced plugin-based features with lightweight custom code where appropriate.

Results

  • Admin login restored: Site administrators can now freely access the WordPress backend.
  • Member login restored: Users can now log in seamlessly with valid credentials.
  • Transactional emails delivered reliably: 2FA codes, password resets, and membership emails now reach inboxes.
  • Performance improvements: Site backend and frontend performance stabilized.
  • Plugin optimization: Reduced plugin count by 30% while maintaining full functionality.
  • Future-ready infrastructure: Site is now set up to run smoothly for years, with a clear path for scaling email infrastructure as membership grows.

Summary

The root cause of LEDES.org’s membership access issues was conflicting security plugins, lack of SMTP configuration, and GoDaddy’s restrictive hosting setup. By conducting a comprehensive audit, optimizing the site, and reconfiguring email and login systems, we resolved all major issues.

The LEDES Oversight Committee can now confidently manage their membership operations, providing a smooth experience to their members without login frustrations.

You may also enjoy...

best hosting

What Is The Best Hosting For a WordPress Membership Site?

WordPress based membership sites have certain requirements, and make use of certain applications that, in my experience, makes most of the popular hosting providers a poor choice.
Read More
Buy Product Only Once

Allow product purchase only ONCE in WooCommerce

Step by step guide on how to prevent customers from buying your WooCommerce products more than once.
Read More
hide-membermouse-dripped-content

Hide MemberMouse dripped content in post grid

Hide MemberMouse dripped content from users until it’s available in the WPBakery Visual Composer’s Post Grid element.
Read More
default bg

Membership Migration Recovery

Case Study for a MemberPress Migration Recovery 👉 This case study highlights how MemberFix rescued WOWintl.org from a broken migration, restored member trust, and set the foundation for long-term growth.

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

mermberfix logo x
Let Our Rockstar Team Handle Your Tech
Work with us

Tech Problems? Not Anymore!

Get dedicated support from a team of membership experts who can give you the time and confidence to focus on high-value activities to maximize the potential of your online business.

Contact us
Memberfix sitemap
Info
Content
Services
Custom Develpopment
Linkedin

Copyright © 2025 MemberFix