Membership 2 login via iframe not working

Dear support,

we have setup the Membership 2 plugin on the website as stated above and it works absolutely fine as long as users are logging in directly via the domain "".

However, we've integrated it as an iframe on our client's website called "", but logging in over this specific embedded page ( is not possible. The form just forwards without logging the users actually in.

We have tried to fix this issue with adding the codes from this article to the wordpress theme's functions.php (at the bottom of the file) as well as the respective rule to the main .htaccess (at the beginning of the file), but nothing has changed.

We truly appreciate your help & best regards from Vienna,

  • Predrag Dubajic
    • Support

    Hi Fuchsfabrik,

    Hope you're doing well :slight_smile:

    I've tested membership login with iframe but I'm afraid that I was unable to replicate this issue on my installation so it looks like this is something specific to your installation.

    Can you perform basic troubleshooting by disabling all of the plugins except from Membership2 and switching to default WP theme, do this on both sites, and see if the issue is still there.

    Let us know how it goes.

    Best regards,

  • Fuchsfabrik
    • Flash Drive

    Hey Predrag,

    thanks for getting back so fast.

    We are currently using the Wordpress default theme "Seventeen", and we have deactivated all plugins besides of Membership 2, but the bug was still there.

    As I've stated before, everything works fine, it's just the log in via iframe which is blocked by default by wordpress, but solutions on stackoverflow (as you can see in the attached screenshot) and other articles haven't worked until now.

    May I send you concrete credentials privately to test the login via iframe yourself?

    All the best,

  • Predrag Dubajic
    • Support

    Hi Florian,

    On my installation I didn't need to add anything in order to have this working, all I did is added iframe with login page from one installation and it works fine for me, you can check it out here and use test as username and password to login:

    Can you grant me support access to both sites and I will create test accounts and check your settings to see if I can find something that would tell us why it doesn't work on your end?
    To enable support access you can follow this guide here:

    Please respond in this thread once access is granted.

    Best regards,

  • Fuchsfabrik
    • Flash Drive

    Hello Predrag,

    The Problem is that the website with the iframe is not the same domain/host as the wordpress site:
    1. Website hosted by 1und1 without Wordpress
    2. Website hosted by with Wordpress + WPMUDEV + Membership2
    We want to setup a platform for our customer and put it on his existing website via iframe. And there is the problem if we try to login in the iframe on safari private mode we are not able to log in. The error in the developer console of the Browser shows a "403 Forbidden Permission" in the wp-login.php and this script is returning to the iFrame just "Blocked" not more. We tried different things like putting

    RewriteEngine On
    RewriteCond %{REQUEST_URI} ^/
    RewriteRule .* - [CO=wordpress_test_cookie:WP+Cookie+check:%{HTTP_HOST}:1440:/]

    into .htaccess which did not work.

    We also tried to paste those lines to functions.php:

    remove_action( 'login_init', 'send_frame_options_header' );
    remove_action( 'admin_init', 'send_frame_options_header' );

    Those lines should enable wp-admin in the iframe, but this is working in the regular modes of the browsers.
    The only thing which is not working is the login (custom membership2 login and regular wp-admin login) in private mode in safari.
    I really tried to find the issue but i don't really know what to do know!
    Would be great if you could help us.


  • Adam Czajczyk
    • Support Gorilla

    Hello Florian,

    Thanks for the clarification on this one. It seems that this behavior is not related to WordPress at all but rather to Safari, specifically the private mode.

    Apparently, this is related to the way the cookies are handled in private mode and in case of iframe only the cookie from "parent" site would work. There's a nice explanation of the issue here:

    There are also links to possible workarounds in that post but according to some other information on the web those tricks may no longer work. I'm not exactly sure about it so you might just give it a try (I'm not Mac user so I don't have a way to test it).

    I suppose that "private mode" would rarely be used by the "real users" of the site so that shouldn't be that big issue if it works well in other browsers and Safari "non-private" mode but if use of Safari's private mode is a must, I'd say that the "iframe" solution wouldn't be the way to go here and you might need to re-think the platform "construction", I'm afraid.

    Best regards,

  • Fuchsfabrik
    • Flash Drive

    Hey Adam,

    thanks for your post! It really helped us! Now we are able to log in via iFrame.
    And yes we know that this solution isn't the best, but it was the wish of the customer to get the new platform into its old website, which is not developed by us, so we were kinda forced to implement it in that way.

    Thank you very much Adam!

    All the best,

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.