How to Properly Hide Thank You Pages in WordPress?

The topic I want to talk about in this post is a little bit more complex than usual. At a certain moment in time I was facing to several questions regarding hosting of sales pages (thank you, bonus, etc.). Almost in a sudden, several questions started to haunt my brain:

1. What sales pages builder to use (OptimizePress, LeadPages, whatever)?
2. How many domains should I use for all my squeeze pages, thank you pages, download pages, and so on and so forth?
3. How to hide these pages to limit direct access?

Well, the 3rd question is not simple at all because there is no “invisible” status for content items. If such a functionality existed, it would be simple for all the plugins to honor it consistently.

Questions and Answers

I’ll try to answer to all of these questions one at a time and expose my findings and explain my decisions.

1. What sales page builder to use?

As a matter of fact, it doesn’t really matter. In the end it depends on your preferences. I’m not gonna make a comparison here, but no matter which one you choose, every single one has some kind of progressive licencing system, and you have to pay a progressive price depending on how many websites are going to use it.

I personally use OptimizePress, not because it’s the best, but at the moment I started my online business, my mentor suggested in his training to use it, as the rest of the training was heavily based on it. So, in my case, my decision was circumstantial.

2. How many websites/domains to use?

It depends on how many OptimizePress (or whatever) licences are you willing to pay for. I decided to use a single dedicated domain for all my sales pages for affiliate products, and, of course, one domain for each product of my own.

My thinking was rather simple here: the number of affiliate products that I’m promoting started to grow, so obviously I must use one single domain for all of them, either my primary blog or some dedicated domain and WordPress installation. One domain and one OP license.

As for membership sites hosting your own products, that’s another discussion. Of course, one domain per membership site, it cannot be otherwise.

3. How to hide a thank you page from everywhere it may appear?

In fact, there are multiple places where you must hide such a page. I took into consideration the following factors:

1. Must not be indexed ranked in SERPs by search engines. I achieved this by using Yoast SEO plugin. You can specify noindex and nofollow tags at page/post level.
2. Must not be exposed in the XML site-map. This is automatically achieved by using the XML site-map functionality of same Yoast SEO plugin.
3. Must not appear in search results, HTML site-map, archives, blog pages, feeds, you name it. For this I’m using WP Hide Post plugin which is doing a pretty good job.
4. Must not implement autocomplete to the canonical URL. Yes, WordPress has this feature by default. For example if you have a post at “www.example.com/some-post” and you enter “www.example.com/so” in the browsers address bar, WordPress will perform a 301 redirect to the correct address, which is not desirable for “thank you” pages, because their URL could be guessed quite easily. But it’s not simple to deactivate it without breaking other permalink functionalities. In this case I definitely would prefer a “404 not found” response instead of a “301 redirect”.

To solve this particular issue I did quite an extensive research on Internet, and finally I came up with a solution. It’s really annoying that disabling automatic redirect to canonical URLs is not included in the WordPress core functionality.

Now, How to Disable Automatic Redirect to Canonical URLs?

You have to include a PHP code snippet, which can be done in 3 ways:

1. Add a one file plugin in wp-content/plugins and activate it.
2. Add a one file plugin in wp-content/mu-plugins.
3. Insert the code in your current theme’s functions.php file, or better yet, use a child theme.

I personally prefer to use the first solution. So, here is the snippet:

function remove_redirect_guess_permalink( $redirect_url ) {
	if ( is_404() )
		return false;
	return $redirect_url;
}

add_filter('redirect_canonical', 'remove_redirect_guess_permalink');

And of course, you must not link to these pages from anywhere, obviously. Only from the web forms or wherever required.

Further Considerations on Hiding from Search Engines [update Nov 10, 2015]

Today I stumbled upon an old article (https://yoast.com/prevent-site-being-indexed/) which confirmes that my approach using robots meta tags and not robots.txt was indeed correct. In fact, this is exactly what happens when using those SEO options at page level.

The same thing can be achieved at the website level if you check “Search Engine Visibility” on Settings::Reading admin page, but this also alters the virtual robots.txt file. According to the mentioned article, a better approach would be to add a Heading directive in .htaccess file. IMO, hiding an entire website could be useful if it consists entirely of “thank you”, “bonus” or other such pages.

If you want to keep even lower profile with your website, just clear the “Update Services” textbox in Settings::Writing admin page. This will prevent pinging the pages/posts upon publishing altogether.

And if you want to keep the lowest low profile possible, disable the feeds as well by installing “Disable Feeds” plugin. 🙂

This is the way I solved the hidden page problem. Security through obscurity. I didn’t find yet a sound solution to completely disallow direct access. It could be feasible by using cookies, I think.

If you have anything to suggest, I highly appreciate if you leave a comment.