Feed Keys

Members Only can also protect you feeds in two ways. You can either require user's to be logged in to the site to be able to access your feeds, require users to use Feed Keys to be able to access your feeds or have no protect on your feeds allowing anyone to access your feeds.

What are Feed Keys?

Feed Keys, are unique 32bit keys that are added to your blog's URL in order to give every registered user a custom feed URL. A Feed Key looks something like this: 206914af21373cc4792a057b067d2448

This is then appended to the feed url for your user in their User Profile, like the examples below, either without permalinks...

http://mydomain.tld/?feed=rss2&feedkey=206914af21373cc4792a057b067d2448

...or with permalinks

http://mydomain.tld/feed/?feedkey=206914af21373cc4792a057b067d2448

When a user visits a feed on your site, Members Only checks to see if there is a Feed Key in the query section of the feed URL and checks whether it is stored in the wp_usermeta table of your WordPress database. If it finds the Feed Key in the database it allows access to the feed, otherwise it presents the user and error. An error will also be give if no Feed Key is found in the feed URL.

How and When are Feed Keys Generated?

A Feed Key is generated by creating a 32bit random alpha-numeric-case-insensitive string that is then hashed against the user's username, insuring that no two users can ever have the same.

Feed Keys are generated when the user logs in to your blog. If they don't have a Feed Key, one generated for them and stored in the wp_usermeta table in your database, otherwise they will use the one that is already stored in the database. An admin can also manually generate a Feed Key for a user by visiting there user profile and choosing the option.

If you allow it, users can also reset their Feed Keys from their user profiles or you can leave this to Admins.

More information on Feed_Keys is here.