Reset Password Link not working with Ultimate Member plugin

The Issue #

If you are on WP Engine and using the  Ultimate Member plugin to create a registration form and the link that is sent via email to reset the password keeps throwing the “invalid key” error, try the following instructions.

The Solution #

1. Disable Object Cache. This is done on WP Engine User Portal > Caching > Object Cache > Disable.

2. Ask WP Engine support team to disable cache on the following URL:

Be sure that this is what they add on the exclusions. We have experienced issues when they add a ^or / at the beggining of the path:

arg: act=reset_password
path: member-password-reset/?act=reset_password

3. Clear all caches and test again.

Additional Information #

This happens because Ultimate Member does some validation on /plugins/ultimate-member/includes/core/class-password.php using Password::form_init(); and after that validation, the page is redirected to the previous mentioned URL (that is the same from the email link but without the has and user_id, that was replaced with a cookie), so, the user clicks the link for something like this:

but is redirected to something like this:

As you can see, the original URL has a unique hash so, the cache won’t be an issue, but the redirected URL is always the same, and that’s where we have cache issues. And that’s why we need to exclude that URL.

Powered by BetterDocs


Subscribe and stay connected through our Newsletter. We send out important news, tips and special offers.

  • This field is for validation purposes and should be left unchanged.