- This topic has 1 reply, 2 voices, and was last updated 5 years, 2 months ago by
.
-
Posts
-
Alex,
I am curious about the info displayed in the database,
It could be possible for wllts to add some db hashing for security purposes? do you think it could improve the general security?
Tank you
Hello,
No, this would be a really bad design. What type of attack would this secure against? If someone has access to your server, then they can also figure out whatever decryption/decoding/etc mechanism that the plugin would have to use, in order to read the data. If you want to add hashes to table rows to prevent tampering, then again nothing is stopping someone from circumventing that, once they have access to your DB. This is why there is a big security disclaimer in the plugin. Security must be enforced on your server via traditional means, i.e. do everything that is recommended for your type of server and WordPress. For example: https://codex.wordpress.org/Hardening_WordPress
Please let me know if you think I misunderstood your question.
with regards
- You must be logged in to reply to this topic.