Gated Content
Gated Content captures how logged-in users experience the site — beyond what a public visitor sees. Tag any tracked URL with a tier credential and wheremore logs in, loads the page, and saves the HTML and screenshots as that user type.
Quick start
1. Open Manage Sessions and select a domain
2. Click Settings and expand Gated content
3. Click + Add tier, enter the login URL, username, and password, then click Save
4. Click Test login — wheremore verifies the credentials and auto-detects the login form fields
5. On any tracked URL row, click the + [Tier name] chip to capture that page as the logged-in tier
Understanding the display
Gated Content has two surfaces: tier credentials configured inside the Settings panel, and tier chips displayed on every row of the URL table in Manage Sessions.
Tier chips
Every tracked URL row shows one chip per configured tier. The chip style indicates whether that page has been captured for that tier.
| Chip | Meaning |
| Solid navy chip | Capture succeeded. Click to remove the tag and delete the captured content for this tier on this page. |
| Red chip | Capture attempted but failed. Click to remove the tag. |
| Grey chip | Capture queued, not yet complete. |
| Dashed chip (+ name) | Tier not captured on this page. Click to queue a capture. |
Tier accordion
The Gated content row in Settings lists every configured tier. Each tier shows a color dot, name, username, and login status (Login OK or Untested). Click a tier header to expand the details panel and edit credentials, test login, or remove the tier.
Inside the expanded panel, the Selectors section shows the current state of the login form fields: a green ✓ Detected label if selectors are stored, or (auto-detect on save) if no selectors have been saved yet. Click Selectors to expand the panel and view or edit the field values.
What should I do next?
| Situation | Action |
| No tiers configured | Click + Add tier and enter credentials for one logged-in user type |
| Tier status shows Untested | Expand the tier and click Test login to verify credentials and detect the login form |
| Test login succeeded with a partial-detection warning | Open the Selectors section and fill in any missing fields manually |
| Test login failed with a Success URL error | Check where the site actually redirects after login and update the Success URL field |
| Test login failed but login works manually | Auto-detection may have picked the wrong form element. Open the Selectors section, clear the fields, and run Test login again — or enter selectors manually |
| Page shows a dashed tier chip | Click the chip to capture that page for that tier |
| Capture chip is red | Credentials may have expired or the login form may have changed. Run Test login on the tier |
| Need to recapture every tagged tier on a page | Click the refresh icon on the URL row. The public HTML is refreshed and every tier already tagged to that page is recaptured |
| Login uses CAPTCHA, SSO, or multi-factor auth | These flows cannot be automated — Gated Content supports single-step username + password forms only |
| Tier limit reached (5/5) | Remove an unused tier before adding a new one |
Configuring tiers
Each domain supports up to five tiers. A tier represents one user type with its own login — for example, Member, Pro, and Admin on the same site. Every domain has its own independent tiers.
Creating a tier
6. In the tier form, enter a Tier name (e.g. Member, Pro, Admin)
7. Enter the Login URL — the page where the login form appears
8. Enter the Username / email and Password
9. Optionally enter a Success URL — a URL prefix the visitor is redirected to after successful login
10. Click Save
Selectors are not required at this stage. The first Test login run will auto-detect them.
Success URL
Success URL tells wheremore where a successful login lands. After submitting the login form, wheremore compares the final URL against the Success URL prefix. Login passes only when the final URL starts with this prefix.
Set Success URL when the login form redirects to a predictable page such as a dashboard or account home. Leave it blank for simpler sites where any successful page load is sufficient.
The value is matched as a prefix, so trailing query parameters and sub-paths are accepted. A Success URL of https://example.com/dashboard matches https://example.com/dashboard, https://example.com/dashboard/home, and https://example.com/dashboard?welcome=1.
Credential storage
Passwords are encrypted at rest and never displayed in the UI. When editing an existing tier, leave the password field blank to keep the current password. Enter a new password only to replace it.
Testing a tier
Test login does two jobs in a single action: it confirms the credentials work, and it auto-detects the login form fields so captures know what to fill in. Running it on every new tier is strongly recommended — a failed test here catches problems early, before tagged pages start showing red chips.
Running the test
11. Save the tier first — the Test login button on the new-tier form prompts to save before running
12. Expand the saved tier in the accordion
13. Click Test login
14. Wait a few seconds — the test runs against the live site
15. A result message appears below the tier fields: green tick for success, red cross for failure
Test login counts as one page scrape each time it runs. Tests are rate-limited to 10 per hour per tier to prevent excessive retries against the live site.
What Test login does
Test login runs through these steps in order:
16. Scans the login page to identify the username, password, and submit fields (only when Selectors are blank — see How auto-detection works)
17. Stores any detected selectors on the tier
18. Logs in with the saved credentials using those selectors
19. Verifies login succeeded using Success URL, if set, or confirms a page was returned
20. Updates the tier status and result message
Reading the result
A successful test updates the tier status to Login OK and clears any previous error. The tier is now ready to be tagged on pages. If auto-detection ran, the Selectors section auto-expands so the detected values are visible.
A failed test keeps the tier in its previous status but records the error message, which displays inline. Common failure and warning messages:
| Message | What it means | What to do |
| Login successful — Form selectors detected and saved. | The test passed and detected all three login form fields. | No action needed. The tier is ready to tag on pages. |
| Login successful — Partial detection… | Login worked, but one or more login form fields couldn't be detected automatically. | Open the Selectors section and fill in any missing fields manually. Captures may still work, but reliability improves with complete selectors. |
| Login successful — These selectors were not found… | Login worked, but one or more stored selectors no longer match the login page — usually because the site has changed. | Clear the listed selectors to trigger re-detection on the next test, or correct them manually. |
| Final URL did not match Success URL | Login submitted but the browser landed on a URL that doesn't start with the Success URL prefix. | Log in manually, note the URL after login, and update the Success URL field to match — or clear the field to skip the check. |
| No HTML returned and no success verification configured | The login attempt returned an empty response and there's nothing to verify against. | Check the Login URL is correct and reachable. Add a Success URL so the test has something to verify against. |
| Too many test attempts. Please wait… | Test login has been run more than 10 times in the past hour on this tier. | Wait before retrying. Use the time to diagnose with manual browser login or browser devtools rather than rapid-fire testing. |
| Credentials appear rejected / login failed | The login form was submitted but the site didn't accept the credentials. | Confirm username and password manually in a browser. Check for account lockout or expired password. |
Selectors
Selectors tell wheremore which fields on the login page are the username input, the password input, and the submit button. In most cases these are set automatically by Test login — manual configuration is only needed when auto-detection picks the wrong element or can't find one.
How auto-detection works
When Test login runs on a tier with no saved selectors, wheremore inspects the login page HTML and tries candidates in priority order for each field. The first match for each field is stored and used for future captures.
Username / email field priority:
• Any input of type email
• An input with name 'email'
• An input with name 'username'
• An input with name 'login'
• An input with id 'user_login' (WordPress default)
• The first text input on the page (as a fallback)
Password field:
• Any input of type password
Submit button priority:
• A button of type submit
• An input of type submit
• A button with 'submit' in its class name
• An input with id 'wp-submit' (WordPress default)
Standard login forms match the first or second candidate for each field. More unusual forms may need manual selectors if auto-detection finds the wrong element or misses one entirely.
When auto-detection isn't enough
Three situations commonly require manual selector values:
• Partial detection — Test login reports that one or more fields couldn't be detected
• Wrong form picked — the login page has multiple forms (e.g. a newsletter signup above the login) and auto-detection picked fields from the wrong form
• Validation warnings — stored selectors no longer match the login page after a site change
Finding a CSS selector manually
21. Open the login page in a browser
22. Right-click the username or email field and choose Inspect (or Inspect Element)
23. The browser highlights the field's HTML — look for a unique name, id, or class attribute
24. Build a selector from that attribute — see examples below
25. Repeat for the password field and the submit button
Selector examples
Three common patterns cover nearly every login form:
| If the HTML looks like this… | Enter this selector |
| <input name="user_email" type="text"> | input[name=user_email] |
| <input id="login-password" type="password"> | #login-password |
| <button class="btn-login" type="submit"> | button.btn-login |
Editing selectors
26. Expand the tier in the accordion
27. Click Selectors to expand the panel
28. Edit any of the three selector fields
29. Click Save
30. Click Test login to confirm the new selectors work — validation runs instead of detection because the fields are no longer blank
Each selector field is independent. Providing a value overrides auto-detection for that field only. To re-run auto-detection, clear all three fields and save, then run Test login again.
Common selector pitfalls
• Selector matches multiple elements — wheremore targets the first match. If a newsletter form and a login form both contain input[type=email], narrow the selector by adding a form or section wrapper, e.g. form.login-form input[type=email]
• Selector uses an attribute that changes per page load — some frameworks generate random IDs or class suffixes. Use a stable attribute (name is usually reliable) instead
• Field appears inside an iframe — logins rendered inside an iframe from a different domain aren't reachable via selectors on the outer page
What's not supported
Gated Content automates standard single-step form logins — visit a page, fill in username and password, submit. Several common login patterns can't be automated and won't work as tiers:
• Multi-step login flows — where the email is entered on one page, then the password on a separate page after submit
• CAPTCHAs — any form requiring a CAPTCHA, reCAPTCHA, or similar human challenge
• Multi-factor authentication — SMS codes, authenticator apps, email codes, or any second factor
• Single sign-on (SSO) — logins that redirect to a separate identity provider (Google, Microsoft, Okta, Auth0, etc.)
• Magic link / one-time code — logins that email or text a link or code the user must click or enter
• Biometric or hardware key — fingerprint, Face ID, YubiKey, or similar
For sites using any of the above, Gated Content cannot capture the authenticated view. Public capture is still available via the standard HTML and Screenshot flow in Manage Sessions.
Tagging pages with tiers
Configuring a tier does not automatically capture any pages. Each page must be tagged individually with every tier to capture. This keeps capture usage predictable — tag only the pages where logged-in views matter.
Tagging a page
31. Find the URL row in the Tracked URLs table
32. Click the dashed + [Tier name] chip for the tier you want to capture
33. The chip turns grey (pending) while the capture runs
34. When capture completes, the chip turns solid navy (success) or red (failure)
Removing a tier tag
Click any solid or red chip to remove the tier tag. The captured HTML and screenshots for that tier on that page are deleted. Other tiers on the same page are unaffected.
Recapturing
Clicking the refresh icon on a URL row fetches fresh public HTML and re-captures every tier already tagged to that page. Paused tiers are skipped. Use this to bring all captures up to date after a site change.
Capture usage
Each tier capture counts as one page scrape. Tagging a page with three tiers triggers three captures, in addition to the public capture. Test login also counts as one page scrape each time it runs.
Removing a tier
Expand the tier in the accordion and click Remove tier. Confirm the prompt to delete. All captured HTML and screenshots for that tier across every tagged page are deleted. This cannot be undone.
Login failure alerts
wheremore sends an email alert when a tier capture fails because the login did not succeed. Alerts help catch credential changes or login form changes early, before many pages show failed captures.
Alerts are sent for capture failures only, not for Test login failures — Test login results display inline in the UI where the user is already looking. Alerts are also de-duplicated per tier so a single credential issue does not produce a flood of emails.
Troubleshooting
Test login succeeded but shows a partial-detection warning
Auto-detection couldn't find one or more login form fields on the page. The test still passed because login itself succeeded, but captures may be less reliable. Open the Selectors section and fill in any missing fields manually.
Test login succeeded but validation warnings appeared
Stored selectors no longer match the login page — usually because the site has been redesigned. Clear the listed selectors and run Test login again to re-detect, or update the selectors manually.
Test login fails with 'Final URL did not match Success URL'
Login succeeded but the final URL doesn't start with the Success URL value. Log in manually and note the URL in the browser address bar immediately after login. Update the Success URL field to match the first part of that URL, or clear the field to skip the check.
Test login fails but login works manually
Auto-detection may have selected the wrong element — most commonly on pages with more than one form. Open the Selectors section, inspect the login form in the browser, and enter more specific selectors (e.g. scoped to the login form wrapper). Save and run Test login again.
Test login fails with a rate-limit message
Test login is rate-limited to 10 runs per hour per tier. Wait before retrying. Use the time to diagnose with manual browser login or browser devtools rather than rapid-fire testing.
Test login passes but captures are empty or red
The page may render content after a delay, or the login may redirect away from the intended page. Confirm that the target URL is actually accessible to the tier user by loading it manually after logging in with the same credentials.
All captures for a tier show red
Credentials may have expired, the login URL may have changed, or the login form structure may have been updated. Run Test login on the tier to diagnose — validation will flag any stored selectors that no longer match. An email alert is sent automatically the first time this happens during capture.
Cannot add a sixth tier
Each domain supports a maximum of five tiers. Remove an unused tier first, then add the new one.
Tier name already exists
Tier names must be unique within a domain. Choose a different name.
Tier chip stays grey (pending)
The capture is queued and has not completed yet. Refresh the page after a short wait. If it remains pending for an extended period, the capture may have encountered an error — remove the tag and try again.
No tier chips on URL rows
Tier chips only appear when at least one tier is configured for the domain. Open Settings, expand Gated content, and add a tier.
FAQ
Do I need to configure selectors when I create a tier?
No. Selectors are auto-detected the first time Test login runs on the tier. Manual selectors are only needed when auto-detection picks the wrong element or can't find one — most standard login forms work without any configuration.
How are passwords stored?
Passwords are encrypted at rest and never shown back in the UI. Edit fields do not pre-fill passwords — leave the field blank to keep the existing password, or enter a new password to replace it.
Do I need to tag every page I want captured?
Yes. Creating a tier makes it available for tagging but does not capture any pages until a page is tagged with it.
Can a single page be tagged with multiple tiers?
Yes. Tag a URL with any or all configured tiers. Each tier captures independently and appears as a separate chip on the row.
Does each tier capture count as a page scrape?
Yes. Each tier capture counts as one page scrape. A page tagged with three tiers consumes three scrapes per capture run, in addition to the public capture.
Does Test login count as a page scrape?
Yes. Test login runs the full login flow against the live site and counts as one page scrape each time.
How often can Test login run?
Test login is rate-limited to 10 runs per hour per tier.
Do tier captures update automatically?
No. Tier captures run when a page is first tagged and re-run when the refresh icon is clicked on the URL row. They do not update on a schedule.
What happens to tier captures when a page is deleted?
All tier captures for that page are deleted, along with the public HTML and screenshots.
What happens to tier captures when a tier is deleted?
All captures for that tier across all pages are deleted.
Do tier captures respect the exclusion rules in Tracking Settings?
No. Exclusion rules apply to live visitor sessions in the browser. Tier captures are server-side operations — wheremore logs in and fetches the page directly.
Can Gated Content handle multi-factor authentication or SSO?
No. Gated Content supports standard single-step username + password logins. See 'What's not supported' for the full list of unsupported login patterns.