You have some excellent points and I would never store financial data on my servers. I use VPS servers but all of my payment processing goes through PayPal. I have opted NOT to deal with all the legal implications you mentioned above.

Now – on WordPress as membership site.

This post was written a while back and at the time I didn’t see any plugin that could sufficiently manage it. Obviously situation have changed but I personally still prefer to use stand alone membership management scripts for the same reasons I have outlined in this post.

When you income depends on reliability of the script that manages income generation – last thing I want is extra complexity. I like to keep things stable and secure, individually.

People obviously have a lot more options now when it comes to membership script and each is entitled and in fact encouraged to investigate their options.

Thank you for the feedback.

Alex Sysoef

Where would you be storing your member’s data? And if you *are* storing your members’ data on your server (in your database) I would hope you are not using a shared host. Personal information and credit card information HAS to be stored on a private server. If not, you, as a seller that managed that information, are legally responsible for anyone who obtains that information (as I recall, US law states the cost of whatever damage is done to each person + $10,000 fine. Per person.) Being in a shared host *alone* is a BIG risk for your members – your server is only as strong as the security levels that people on that server take – the weakest link is your downfall. All it takes is one teenage blogger talking about school, or gramma talking about her quilts on your server who knows nothing about security to use the wrong kind of form, and BAM – everyone on the server is toast.

That’s not a WordPress issue, that’s a hosting issue (and a legal issue).

If you *are* on a private server, then you still have to take extra steps to protect your member’s personal information. (Such as passing the PCI compliance rules of your credit card companies, using SSL encryption, etc.) Again, not WordPress issues.

If you’re using a WordPress plugin to manage *passing information to logged in users*, then all WordPress will do is pass that information based on your code. IT can do that, no problem. It’s up to *you* to make it work however you want to. That’s the beauty of WordPress – it’s flexible enough to be anything from a simple blogging tool to a huge, complex cms – and powerful enough to bend in all kinds of directions. If you want to use a plugin to handle complex tasks, then you need to be sure the plugin author is up to par for it. As with *any* important purchase, do your research. (and if you’re storing personal information, FREE plugins are NOT the way to go for this.)

To single out WordPress as being wrong to manage a membership site is…well… wrong. It can, and it does it effectively. You, as a site owner, have the responsibility of ensuring your own security, and thus those of the people that trust you with their information. As far as ANY software goes – not just WordPress – the only data you should be storing on your sever is name, email and password. Maybe a quick bio or something. Anything else (like address, social security number (God forbid), phone number, credit card number…) is too much – unless you’re on a secure private server and pass PCI compliance rules.

Every bit of software has it’s downfalls. Singling out WordPress as the problem is just wrong. There’s tons of other software out there that does the same thing, and has the same issues. It’s not just the *software* you use that’s the problem, it’s what you install the software on, and how you choose to secure it on your own.

Since you have limited skills my best recommendation would be Easy Member Pro membership script, I think it will fit your needs perfectly! Since you mentioned you have limited funds – I can offer you discount on it, if you choose to purchase it, as a JV partner and a friend I get the privilege to offer this to my readers: http://www.howtospoter.com/wp-content/plugins/oiopub-direct/modules/tracker/go.php?id=40 . If you are planning to also provide free content to people, you can add WordPress to membership system and if not already – I know Anthony has a plugin for integrating his script with WP