Here at MemberFix we set up all of our hosting—whether for ourselves or for our customers—the same exact way, almost every time.
Over the years we’ve found what we believe are the best tools, services, and practices to get membership site hosting set up quickly and off to the races. So in this article you’ll learn our most reliable method to get your membership site up and running.
Registering a Domain
The first step is to register your domain name (if you don’t already have one of course).
While you can do this through any number of different channels, we purchase all of our domains through Namecheap. The reason for this is that Namecheap has a huge selection of domains (including alternative extensions like .rocks, .io, .training, and so forth) and at great prices.
As you can see in the screenshot above, you’re by no means required to use a “.com” extension! 🙂 There are many other unique extensions available that may even work better than a .com from a branding perspective.
In conversations with my good Josh Denning—who is the founder of The Local SEO Company and a staggeringly knowledgable veteran of the SEO industry—we’ve concluded that the ability of a .com domain to outrank an unconventional domain name extension (such as .rocks or .training or .io, etc.) is so marginal as to not even really matter.
The main ranking factors are, and have always been, great content and high quality links.
In other words, don’t worry too much about snagging a .com unless there’s a very strong branding or practical reason for doing so.
You’ve got a wide array of cool and memorable domain name extensions to choose from; by no means should you feel pressured into picking a .com.
Not to mention, .com domains are often bought in bulk by squatters who hold them with the sole intention of trying to sell them to a business owner at a premium. These folks depend on the widespread misconception that a .com is a more valuable domain name extension than the alternatives. I contend that it is not!
When I bought memberfix.rocks I first checked if MemberFix.com was available. It was owned by somebody so I contacted the owner. He wanted money, but I didn’t want to pay the price he was asking, so I bought the .rocks and now we have a domain that’s even cooler than a .com, as far as I’m concerned. 🙂
Registering with your hosting company vs Namecheap
Often times when you register a domain through a hosting company they’ll charge you DOUBLE what you would pay with Namecheap. You’re already in their ecosystem and they’re counting on the idea that you probably can’t be bothered to go price shopping elsewhere just to save a few bucks per year on a domain name.
But viewed from an accounting prism, each domain represents an operating expense for your business. And once you accumulate a lot of domains the costs can really start to add up.
So do yourself a favor and never register your domain through your hosting company; use Namecheap instead.
Free domain name privacy
The other reason we like Namecheap is that they throw in free domain privacy. So if you want to hide the fact that you’re the owner of a certain domain, Namecheap doesn’t charge you extra for it. Some other companies do.
Clean and intuitive dashboard
Namecheap provides you with a great user experience.
When you log in you can easily understand the different areas of your Namecheap Dashboard:
– my domains
– my account
Back when I used to host my websites with Bluehost, their domain management area always struck me as clunky. Namecheap, on the other hand, is intuitive and pleasant.
Great DNS management
One of the logistical concerns you have to consider when you purchase a new domain—or, when you work with an existing domain—is how long it will take for a change in your nameservers and DNS records to propagate (a fancy word for “update”).
For example, we use CloudFlare to manage DNS for our websites. In order for CloudFlare to take over this role we have to point the so-called “nameservers” of our newly purchased domain to CloudFlare.
With some registrars and domain resellers—e.g., GoDaddy—you may have to wait up to 48 hours for the nameservers and/or DNS propagation of your domains to complete. In the case of a brand new domain this delays the deployment of your website. For an existing domain it can cause your database and websites files to become unsynced during the propagation period.
Simply put, having a fast and reliable DNS makes your life easier all around.
Pointing your Nameservers to CloudFlare
The first step after you register your domain is to point your domain’s nameservers to CloudFlare.
Why use CloudFlare?
The reason we use CloudFlare is because it’s the premier DNS management tool in the world, which comes with a bevy of additional perks.
Not only does CloudFlare provide blazing-fast DNS management, it also throws in a free CDN*, automatically protects your site against certain types of attacks such as DDoS (distributed denial of service), and offers some built-in caching, to name just a few.
*What is a CDN?
A CDN, or, “Content Delivery Network”, increases the load times of your website internationally; not just in the location where your server is deployed.
To oversimplify a bit, this is done by distributing copies of your website in real time to so called “edge” servers all around the world and serving your site to a visitor through the edge server closest to his geographic location.
This way if a visitor lives in Australia but your website is hosted on a server located in the US, your site can be loaded from an Australian edge server and thus loaded more quickly.
See the graphic below for a visual explanation.
The tier of CloudFlare we’ll be using is free for an unlimited number of domains. 🙂 Boom!
How the deuce can CloudFlare offer such a slick service without charging for it?
From what I can discern, CloudFlare seems to make their money chiefly from their enterprise customers (whom they charge top dollar), which allows them to provide small business owners like you and me with a pretty great level of service for free, while also building brand equity through good will.
If you want some of the more advanced functionality that CloudFlare offers you can opt for a paid tier of service. But I’ve found the free plan to be excellent for virtually every use case. The sole caveat I’ve found with the free plan is that you only get a few so called “Page Rules”, which allows you to control caching on your site on a page-by-page basis.
All in all, however, this is a rather small concern that doesn’t affect the vast majority of sites and is unlikely to affect you.
Adding your domain to CloudFlare
1 – Go to CloudFlare.com and signup
2 – Add a new domain
3 – Follow the steps in the wizard. When you come to the plans page select the free plan
Then click “confirm plan”.
4 – Next you’ll arrive at a page that shows the DNS records that CloudFlare was able to retrieve. Don’t worry about this for now. Just click continue.
On the next page is where you’ll receive your CloudFlare nameservers, which is what we need:
In this case the nameservers are:
5 – Inside of your Namecheap dashboard go to Domains => Your domain => Manage => Scroll down to the “Nameservers” section and select Custom DNS:
6 – Copy / Paste your CloudFlare Nameservers into these fields. Make sure to click the little green check mark afterwards to save these changes.
7 – Wait about a minute
8 – Return to CloudFlare and click the “continue” button on the screen where you got your nameservers.
9 – You should see a message telling you that you’ve successfully added the domain to your account.
If you don’t see this message it’s either because the nameserver update needs a few more minutes to take effect, or because you did the previous steps incorrectly (please double check them).
Congratulations, you’re on CloudFlare
Now your DNS is officially being managed by CloudFlare. Boom! 👊
Make sure to keep your CloudFlare tab open, we’re going to return to it a few steps from now.
The main advantages of your new setup are:
A) You can activate HTTPS and CDN on each individual DNS record
B) DNS changes propagate almost instantly
This second characteristic is key because it allows you to do things like change hosting providers, change email servers, etc., with virtually no downtime. Whereas with some DNS systems you might have to wait for hours or even days(!) for propagation to occur.
Register your CloudWays account
Now you’ll need a place to host your WordPress membership site.
Who to trust?
Everybody and their grandmammy has an opinion on which hosting company is “the best” (whether or not they’re qualified to offer it; a problem with the internet in general to be sure).
And most of the recommendations in this space are driven not by which company provides an objectively better product, but by which company pays the handsomest affiliate commissions.
This creates a fundamental misalignment of incentives between you, dear reader, and the haughty hosting hawkers who have the Herculean chutzpah to heavily heave subpar products your way just for a little extra cash.
Since we here at MemberFix make virtually all of our revenue through our WordPress / membership site support service, our loyalty naturally belongs to the people who butter our bread. These people pay us to set up good tech for them. So finding and implementing the very best tools and services for our customers (and ourselves, who eat the same dog food that we recommend) is our ostensible incentive.
We don’t have to pimp a subpar product or service and risk alienating the very customers who pay us for our impartial expert opinions just for a few additional affiliate bucks (which would make no real difference to our bottom line anyway).
In other words, we’re in the fortunate position of being able to call a spade a spade!
Now then, in my experience—which includes the collective experience of our strategic partners and satellite business ventures (including my boutique hosting company, SpeedKills.io; our crypto fund, our Divi Design strategic partner, and virtually all of our professional endeavors)—the best hosting provider we’ve found and consistently use is CloudWays.
There are some edge cases in which CloudWays may not be the best choice; each situation is unique and must be considered in its full context. However, for the majority of use cases we’ve encountered, including our own projects, CloudWays has proved to be the best combination of performance, support, ease of use, and price.
We’ve been using CloudWays for years since their arrival on the scene as a promising startup, and I’ve written a whole article on why we use CloudWays for our own hosting needs, for the needs of our hosting company’s (SpeedKills.io) customers, and for many of our MemberFix customers as well. So I won’t belabor that point here.
Rather, I’ll assume that you’ve already done your homework, have decided to use CloudWays, and would now like to get started using their platform. So, let’s dive in!
Signup for your account
1 – Go to the CloudWays website
2 – Sign up and confirm your email address by visiting your inbox and clicking the link in the CloudWays email!
A note on CloudWays’ pricing:
Unlike a flat monthly fee for ‘x’ amount of websites, CloudWays charges you per server and also based on the SIZE of the server you launch.
Servers are quite cheap, especially if you pick a Digital Ocean server (our top choice). The price for the server will be the same every month.
A basic 1GB Digital Ocean server costs only $10/month. 🙂
You’ll be allowed to launch you first server straight away when you join CloudWays. You get a 3-day free trial in which to play with your server. But in order to keep it online and launch additional servers you’ll need to fund your account by going to Account => Credit Card.
Launch your server
1 – After confirming your email address you’ll be taken to the “launch a server” screen.
2 – Select the following options:
(1) CLEAN WordPress (no CloudWays optimizations)
(2) You can name these three sections anything you want
(3) Digital Ocean
(4) 1GB server size
(5) Location: pick whatever location the majority of your traffic is likely to come from. If you’re not sure, just pick San Francisco. You can always change this later. 🙂
3 – Click Launch Now. It’s going to take a few minutes for this process to finalize.
4 – While the server is deploying, take a minute to fund your account by clicking the green “upgrade my account” button at the top of the screen and filling out your credit card details on the following page.
Tweaking your Server Settings
1 – Once your server is finished deploying, click on it and find the “Manage Services” tab.
DISABLE the varnish cache.
I’m mystified as to why CloudWays enables varnish cache by default on their servers because it’s so darn prone to conflicts in WordPress. Varnish cache—much like Redis cache—can also speed up your website considerably but it has to be implemented slowly and by somebody who knows what they’re doing. This is especially the case for membership sites where caching can cause all sorts of funky issues.
2 – Now click on the little “www” icon in the top right of your screen and then click on your application name.
Important: this little icon allows you to toggle between the Application Settings and the Server Settings.
3 – In the Application Management menu on the next page click on Domain Management. In the “Primary Domain” field enter the URL of your new website and click Save Changes.
4 – Go back to your CloudFlare tab and navigate to the DNS management screen. Add the following two records.
Record #1 – A Record with the following settings:
Value: IP Address of your server (found by following the screenshots below)
TTL: Automatic TTL
Cloud color: orange
Record #2 – CNAME record with the following settings:
Value: URL of your CloudWays application (found in the Domain Management section in CloudWays, per the screenshot below)
TTL: Automatic TTL
Cloud color: orange
When you’re done your CloudFlare records will look something like this (although you may also have additional records that were carried over from your previous host):
*Note that if you’re transferring an existing live domain to CloudWays from a different host this process looks a little bit different and requires you to follow the migration procedure laid out here:
Migrating your website
1 – Login to the client’s WordPress dashboard
2 – Go to Plugins => Add New
3 – Search for “Cloudways”.
Install the CloudWays WordPress Migrator plugin. Make sure to click Activate after installing.
4 – In the WordPress admin sidebar find and click CloudWays Migrate
5 – On the CloudWays Migrate screen you’ll need to enter several pieces of information to begin the migration process.
(A) Email – enter in your email address because this is the email address where you will receive the “migration completed” notification.
Destination Site URL – To find this URL go into CloudWays and click on Applications in the main navigation. Then select the application corresponding to this domain. Click the Access Detail link in the sidebar. Find the Application URL. Click on the little icon next to the application URL in order to open the URL in a new tab. Select the URL in your browser and copy/paste it into the Destination Site URL field on the CloudWays Migration screen.
(C) Application Folder Name – To find this value go into CloudWays and click on Applications in the main navigation. Then select the application corresponding to this domain. Click the Application Settings link in the sidebar. Find the Folder field. Click on the string of letters to copy the value to your clipboard. Paste it in the Application Folder Name field on the CloudWays Migration screen.
(D) SFTP Server Address – To find this value go into CloudWays and click on Servers in the main navigation. Click on the server you’re working on. Click on the Master Credentials link in the left navigation. Find the field labeled Public IP. This is the SFTP Server Address. Copy and paste it into the corresponding field in the CloudWays Migration page.
(E) Username. Same directions as item (D) above. The field labeled Username is the SFTP Username. Copy and paste this into the SFTP Username field in the CloudWays migration page.
(F) Password. Same directions as item (E) above. The field labeled Password is the SFTP Password. Copy and paste this into the SFTP Password field in the CloudWays migration page.
6 – Click Migrate.
The migration process will now begin and will take anywhere from 15 minutes all the way to an hour or more.This process migrates all files (both WordPress files and those found at the root), and databases exactly as they exist on the source domain.
Once the migration is complete, you are ready to point the DNS to the CloudWays application.
IMPORTANT: Unless you’re pointing the DNS immediately after doing the migration, remember to always re-migrate the site before pointing the DNS in order to capture any changes that may have been made on the domain in the meantime. Any re-migrations you do after the first migration will take a lot less time than the first one.
5 – Now come back to your CloudWays tab and click on the “SSL Certificate” option in the menu (Make sure you’re in the Application Menu and not the server menu). Enter your email address and your domain name in the provided fields.
*If you want your domain URL to appear with a “www” when somebody visits the site, then enter “www” in your domain URL (e.g. “www.yoursite.com”). If you want your URL to NOT have a “www” then just enter the URL without the “www”, (e.g. “yoursite.com”).
Then click Install Certificate.
Logging into WordPress
Now that we’ve installed a WordPress application on your server, pointed your domain name to that application and server, and configured our domain settings and SSL certificate, you should be able to visit your domain’s URL and see a boilerplate WordPress website!
To find your logins to WordPress, head over to the application menu => Access Details => Admin Panel.
Setting up your SSL Certificate (HTTPs) in WordPress
We’ve configured your SSL in CloudWays, now we have to activate it in WordPress. The easiest to do this is with the Really Simple SSL free WordPress plugin.
1 – Grab your WordPress logins and login to your WordPress admin area
2 – Go to Plugins => Add New => And search for Really Simple SSL.
In my screenshot the plugin is already active but in your case you’ll have to click install and activate (2 steps).
3 – Now you’ll see a notice at the top of your WordPress screen prompting you to activate your SSL certificate. Please do so.
4 – You’ll now be kicked out of WordPress admin and asked to login again. When you log back in, your site will be fully secured by your free SSL certificate!
Setting up your SMTP email settings
By default, CloudWays doesn’t provide you with either an outbound mail server or webmail. For Webmail I recommend Zoho or Google Suite. And for outbound mail I recommend a few options.
Picking an SMTP provider
CloudWays follows the default PHP recommendations and insists on a dedicated SMTP email provider to send your transactional emails from your WordPress app (these are emails like “password reset”, “welcome messages”, and any other email coming from your WordPress app).
AuthSMTP wins the “ease of setup” award. SendGrid wins the best, most comprehensive SMTP program in existence (probably) award. They’re both super cheap.
In this tutorial we’ll cover AuthSMTP but SendGrid’s setup would be comparable.
Setting up your SMTP email
1 – Signup to and login to your AuthSMTP account.
2 – In the left sidebar navigation select From Addresses and then click on Add Domain
3 – In the Domain Name and Confirm Domain Name fields enter the URL of the domain you’re currently migrating.
4 – In the Choose your authentication method dropdown select “create a DNS record”.
5 – Click Next
6 – Scroll down to Authorization Step 1 and copy the value in red font to your clipboard.
7 – Now login to our CloudFlare account.
8 – In the top navigation click on DNS.
9 – Create a new TXT record with the following values:
A – Set this value to TXT
B – Set this value to the domain name you’re verifying (do NOT include the “www” or “http”/”https”)
C – Paste the verification value you got in step 6 here.
D – Leave this on default value of Automatic TTL
10 – Click “Add Record”.
11 – Now we have to do SPF verification.
Go back to AuthSMTP and scroll down to the SPF section and click “More info”:
12 – Copy the recommended SPF record (in blue text) to your clipboard.
13 – Come back to CloudFlare DNS.4
14 – If an SPF record already exists for this domain, simply open it and overwrite the existing value with the value in your clipboard that you got in step 16. (You will know that it’s an SPF record because it’s a TXT type and begins with v=spf1)
15 – If there is no existing SPF record, create it as follows:
A – Record type should be TXT
B – This value should be the customer’s domain address (without “http/https” or “www”)
C – This is the value you copied from AuthSMTP in step 16
D – Use the default setting Automatic TTL
16 – The final step is to verify an email address on this domain.
There are two possible scenarios here:
# Scenario 1 #
You already have MX records set to Gmail or a similar 3rd party email service. You can see this by looking for a record that looks like this:
This means you’re using Gmail or a similar 3rd party email app to process emails. You now have to find which domain-based email address to send the AuthSMTP verification email to.
For example, if your domain is awesomestuff.com, you would email need an @awesomestuff.com email address to send the verification message to.
Once you’ve picked the email address, go back to AuthSMTP and enter your email to send the verification:
# Scenario 2 #
In this scenario you do NOT have MX records configured to use email with a 3rd party like Gmail.
In this situation you’ll need a way to temporarily receive mail at the @yourdomain.com email address. You can do this by setting up Zoho temporarily (it’s free). In our case we have our own mail server so we just update the MX records, create a temporary email address and verify the message. In your case you probably don’t have a mail server and you’ll want to use Zoho or a similar app.
13 – Now login to your CloudFlare account.
14 – In the top navigation click on DNS.
15 – Go back and add the SPF following records for the domain per AuthSMTP’s instructions.
16 – In the registrar navigation find the area where you create email addresses.
Create an email for this domain name in the following format:
This email may already be created in which case you don’t have to re-create it.
17 – Go to the WordPress application and add the Easy WP SMTP plugin (download it from the plugin repository).
18 – Use the following values in the plugin:
19 – Replace the From Email Address with the actual from email address associated with this domain.
It’s better to use something like [email protected] so that it looks like the email address of a real person.
20 – Replace the From Name to reflect the sender.
Usually it’s the site name e.g. SpeedKills.io or the name of the person e.g. Vic Dorfman
21 – The username and password are your AuthSMTP username and password.
22 – Send a test email to yourself to verify that SMTP email works.
Now you’re all done!
Setting up WordFence
It’s very important to secure your website from invaders and malicious attacks now. And the way we do this is with the WordFence security plugin.
In our experience fixing many malware attacks and hacks and hardening websites against future attacks, WordFence is the best WordPress security solution. It’s also free and incredibly valuable even at the free level.
1 – Go to plugins => Add New => Search Wordfence
2 – Install and activate the plugin
3 – Now in your menu you’ll see a WordFence option. Go to WordFence => Firewall => All Firewall Options
4 – In the Web Application Firewall Status screen configure the setting to Learning Mode:
This will give WordFence some time to learn your habits and patterns so that it doesn’t erroneously flag you as a threat. If you find that WordFence is being a little aggressive in blocking IP addresses and activity (sometimes it can cause conflicts with plugins like OptimizePress), just come back to this screen and re-activate learning mode for another few weeks or so. That will usually fix the issue and then prevent it from recurring again.
5 – Now go to WordFence => All Options and make sure to configure the email address where you want WordFence to send alerts:
6 – Now go through all of the options and select which activity should trigger alerts. If you’re not sure how to configure this, just leave it in the default setting. Note that you’ll be getting alerts from time to time so make sure to take a quick peek at them. Most of them will indicate that you’ve logged in or your members have logged in. But occasionally they’ll show some malicious activity that may need your attention.
If you need help with security you can also work with us.
What about performance and caching?
Generally we use the WP-Rocket plugin for all of our performance needs.
However, it’s very easy to create issues on a membership site in particular by activating a caching plugin. So while I recommend using it, I don’t recommend you configure it by yourself unless you know what you’re doing.
If you’d like us to do it for you, we’re happy to help.