Introduction
Plugin Overview
RichWP GrowRich is a modern WordPress e-commerce plugin that redefines digital commerce through its stateless, privacy-first architecture. Unlike traditional e-commerce solutions that store customer data and rely on cookies and sessions, the GrowRich plugin utilizes a tight Stripe integration and operates in an entirely stateless manner—using secure tokens for authentication and access control while maintaining full GDPR compliance.
GrowRich turns any WordPress site into a powerful e-commerce setup where you can sell any kind of product including digital downloads, premium content, and subscriptions through Stripe integration, all without storing any customer information in your WordPress database. This approach eliminates privacy concerns, simplifies compliance, and provides lightning-fast performance.
Key Features
Stateless Authentication System
- Magic Link Authentication: Users receive secure, one-time login links via email
- PASETO Tokens: Self-contained, encrypted tokens replace traditional sessions
- No Cookie Dependency: Operates without browser cookies or server-side sessions
- Automatic Cleanup: User data expires naturally with token expiry
Digital Downloads Management
- Secure File Distribution: Time-limited download URLs (30-minute expiry)
- Flexible File Sources: Support for WordPress media library or external URLs
- Access Duration Control: Set unlimited or time-limited download access
- Bulk Management: Efficiently manage multiple product-file mappings
Advanced Paywall System
- Multiple Paywall Types: Hard paywall, teaser preview, blur overlay, redirect
- Content Protection: Restrict access by categories, tags, or individual pages
- Premium Content Blocks: Server-side rendered access control
- Custom Paywall Designs: Branded paywall patterns and templates
Premium Content Access Control
- Granular Permissions: Control access to specific content areas
- Subscription Management: Handle recurring revenue streams
- Account Dashboard: User-friendly access to downloads, invoices, and subscriptions
- Customer Portal Integration: Seamless Stripe billing portal access
GDPR-Compliant Architecture
- Zero Customer Data Storage: No personal information retained in WordPress
- Data Minimization: Only processes data necessary for transactions
- Right to Erasure: Automatic data deletion through token expiry
- Privacy by Design: Built from the ground up for compliance
Developer-Friendly Features
- REST API: Complete programmatic access to all functionality
- Gutenberg Blocks: Native WordPress block editor integration
- Hook System: Extensive customization through WordPress actions/filters
- Pattern Library: Block patterns for common use cases
Security Features
- HKDF Key Derivation: Generates encryption keys from WordPress salts
- Salt Change Detection: Automatic alerts for security key updates
- Rate Limiting: Built-in abuse prevention
- Encrypted Storage: Sensitive data protected with AES-256 encryption
System Requirements
Server Requirements
- WordPress: Version 6.8 or higher
- PHP: Version 8.2 or higher (with OpenSSL extension)
- MySQL/MariaDB: Version 5.6 or higher
- Web Server: Apache, Nginx, or compatible server
- HTTPS: SSL certificate required for secure token transmission
External Services
- Stripe Account: Active Stripe account with API access
- Email Delivery: SMTP or transactional email service for magic links
- WordPress Hosting: Standard hosting with PHP exec() access (for key derivation)
Browser Compatibility
- Modern Browsers: Chrome 90+, Firefox 88+, Safari 14+, Edge 90+
- JavaScript: Enabled (required for interactive features)
- Cookie Support: Not required (stateless design)
Security Prerequisites
- WordPress Salts: Properly configured in wp-config.php
This plugin represents the future of privacy-compliant e-commerce, combining powerful functionality with uncompromising data protection. The stateless architecture ensures your users’ privacy while providing a seamless, secure shopping experience.