How do I count the number of pages a user has seen on my site, and force them to log in after a certain amount

Background

Gating unauthenticated end-user’s ability to view site content based on the activity of such users is a difficult problem to solve reliably, owed to the design of web technologies as a whole.

To the best of my knowledge, WordPress core provides no features which require any such functionality, and so there are no core APIs which are specifically designed to facilitate it.

Authentication mechanisms (such as those used to “log in”) enable us to make a plausible assertion that an end-user is associated with a particular user record stored on our site, which is what allows sites to store and leverage data related to that user. But unauthenticated users do not provide a site with any particularly useful form of identification – so how can associate data with them?

General Solutions

There are a few conventional ways to work around the problem – but all of them come with their own flaws and caveats.

Don’t.

One alternative to trying to keep track of unauthenticated users is simply not to. By this, I mean you either rework your content restriction strategy to remove the necessity to do so, or provide some other means for end-users to authenticate – ideally one which might require very low effort on the end-user’s part and lower the barrier to registration.

The former might mean that instead of trying to limit how many articles an unauthenticated user can view, you only provide them with a portion of each article, or maybe create a classification of article which will always be publicly available while limiting the rest.

An example of the latter (or perhaps both) would be the publishing platform Medium, where some content is restricted to only being accessible to authenticated users, but registering and authenticating is little more than a few clicks thanks to a Single Sign-On mechanism (e.g. “Sign in with Google”). The site is then able to more definitively track and restrict the content views of it’s free users.

The lack of any sort of extended registration form generally lowers the barrier to entry, as does the ability for an end-user to use an account that they already have instead of creating a new one for the site. But since it does still require a user to associate an identity with the site, the barrier’s still quite a bit higher than not requiring authentication at all, which can eat into traffic and conversion rates.

Client Data

A very common solution is to store either some sort of “session ID”/identifier or the data itself in the end-user’s client. This is usually in the form of a cookie which is automatically sent to the server along with every request which that particular browser will make.

While it’s possible to effectively prevent tampering with cookie data by either “signing” the data in a cookie (by including a server-generated hash of the data within the cookie) or entirely encrypt the cookie data, cookies are usually limited to the client to which they were delivered, and in the case of web browsers there’s no way to prevent an end-user from deleting the cookie. In this case, than means that unauthenticated visitors can “reset” their view count by changing browsers, devices, or disabling or deleting the cookie.

Nonetheless it’s still a relatively popular mechanism for view-gating content, and is often seen on many prominent subscription news sites such as The Washington Post and Bloomberg.

Example

A the logic you’ve described could be implemented with a cookie roughly as follows.

wpse408666_handle_visitor_views_cookie() {
  $view_cookie="wpse408666_content_views"; // Cookie key.
  $cookie_ttl  = 24 * 3600; // 24 hours (in seconds).
  $max_views   = 6;

  // Don't process the views cookie for logged in users.
  if( get_current_user_id() > 0 )
    return;

  // Only handle the views cookie for posts and CPTs.
  if( !is_single() )
    return;

  $data = $_COOKIE[ $view_cookie ];

  if( !isset( $data ) {
    // If no cookie is set, set it to a count of 1 and to expire in 24 hours.
    setcookie( $views_cookie, 1, time() + $cookie_ttl );
  }
  else {
    $views = intval( $data );
    
    if( $views < $max_views ) {
      // If cookie is set and under threshold, increment it.
      setcookie( $views_cookie, ++$views, time() + $cookie_ttl );
    }
    else {
      // If cookie is at the threshold, redirect the visitor.
      wp_redirect( home_url( '/max-views-exceeded-page' ) );
    }
  }
}

add_action( 'init', 'wpse408666_handle_visitor_cookie' );

This implementation is very basic (and untested) and is intended just for illustration – it doesn’t use any tamper prevention, the expiration time for the cookie is set based on the server time when it will expire based on the client’s time.

Fingerprinting

Fingerprinting” is the practice of attempting to derive some notion of an end-user’s identity through a number of often inconspicuous details – if a certain user-agent accesses a site from a similar IP or geolocation during certain hours, it may well be the same person, for instance. It is difficult to pull off effectively, and generally requires a substantial amount of resources depending on the end-goal.

The industrial application of the practice primarily falls into the domain of advertising networks and the considerably more ethically-questionable data brokerage industry. Due to the cost, complexity, and possible ethical and legal implications, effective fingerprinting is rarely an appropriate solution.

Related Posts:

  1. How to count current user’s pages?
  2. remove/hide pages from users backend
  3. Allowing user to edit only certain pages
  4. Restrict admin access to certain pages for certain users
  5. Restrict acceess of a page in backend
  6. How to display page title+link of page created by user
  7. Associate Page with User
  8. Show different badge based upon the user role
  9. Personal page for every user (not just authors)
  10. List all private pages user has access rights to read
  11. Adding New Users to Your WordPress Site for edditign only one page
  12. How to create a page that lists all the experts(Users with same access permission as author)?
  13. Remove ID page from wp_count
  14. How to update the counter of private pages in the dashboard?
  15. New user Registration data imported into Page
  16. Role can edit just one page [closed]
  17. access control for assets in a website powered by wordpress
  18. Can I “protect” a page with a form asking for an email address?
  19. Restrict the list of parent pages to only those which are created by current user
  20. Author page like wordpress answers
  21. Custom user tables not working after migration
  22. When I enter password, I’m redirected to the WordPress login form
  23. Page view displays not properly after update wordpress
  24. Standard way of creating profile pages with custom content for each user?
  25. Paginate Links not working
  26. Save search criteria per user and show on custom user page
  27. User profile in front-end
  28. Check if wp-login is current page
  29. Custom templates not showing up in template dropdown
  30. Is there a way (plugin?) to restrict a user to being able to edit just one page?
  31. Access the same page from multiple urls (wildcard)
  32. Add a Page without header and menus?
  33. Prevent WordPress from adding linebreaks to javascript embedded in a page
  34. Add user capability and check against it
  35. How to display only logged in user’s post comments in comments area
  36. Too many pages causes WordPress admin to be unusable
  37. How to get the list of posts in a static page other than front page?
  38. Using JavaScript and JQuery in Page
  39. How can I make Disqus comments not show up on pages?
  40. CMS: Making complex pages editable by the end user
  41. Show child pages when on a child page
  42. Sitewide page on all the blogs in the network
  43. How to display thumbnail and excerpt of a page on homepage?
  44. How to create a page when a theme is activated?
  45. Creating a form contact page?
  46. Problem With Pages Displaying
  47. Removing the TinyMCE editor for a given page template
  48. Missing Pages (Drafts?)
  49. WordPress redirects me to posts page after editing one page
  50. Getting to a specific page on website using specific code instead of navigation bar
  51. Can’t see content on page to edit
  52. How can I allow an User to publish only 5 posts per month?
  53. How can I get the homepage from the loop?
  54. Suddenly forbidden 403 error on some pages
  55. How do I Name a WP page in the New(ish) Block Editor?
  56. How to select a specific page
  57. JQuery Plugins in WordPress
  58. This code won’t find authors page?
  59. WordPress backend:How to hide some specific pages under Pages–>All Pages
  60. Different header for each page in child theme of twenty thirteen
  61. Change a Page’s Header Image
  62. How do I edit text displayed on my browser tab?
  63. Page menu not showing in admin, new Page button missing in toolbar too
  64. Keep page hierarchy in wp_list_pages, even if on a child or grandchild
  65. Order by modified date working in POSTS but not PAGES
  66. WordPress Page doesn’t load the template selected
  67. Custom folder for wordpress page templates
  68. way to make all pages with certain tags public?
  69. Page not appearing under its Parent
  70. Can I use Pages like a Wiki
  71. list child-pages as normal pages?
  72. return page name in url
  73. Create multiple pages with tables from json file
  74. Search anything from a Child and Sub-Pages of their Parent page
  75. Can i use 2 page content-forum & content-forum-slug on bbpress?
  76. Attaching a file to a page without adding to media library?
  77. Change page width in refined magazine/mag and news theme
  78. Requiring a Visitor to Enter a Password Each Time They visit a Page
  79. Display meta data attribute in user profile
  80. WordPress displays widgets out of whack
  81. WordPress form submit to custom page template does not work
  82. Two different layouts for the same post
  83. My page title turns into a h2 tag – What to do?
  84. How do I locate a third party page represented as a slug in my WordPress website?
  85. Custom User Role: Can Edit Own Page, Cannot Create New
  86. Customise the_title in admin area
  87. problem with loading pages
  88. Content not displaying on page
  89. Blank white space where header was [closed]
  90. Display child pages on homepage template
  91. Set order acs and no paging for archive page
  92. Pageview all of sudden not working
  93. Childpage title + content on Parent Page
  94. Filter posts by author selected in page
  95. List Parent page with sub pages
  96. Adding Count Post in Page
  97. WordPress is picking up links that don’t exist
  98. All pages duplicated like a mirror with critical errors
  99. Change the environment for creating a WordPress page
  100. How to have a WordPress user profile just having one button and one input textbox?