Reduces security

  • Resolved David Anderson

    (@davidanderson)


    2 years ago

    Hi,

    I notice in the code of this plugin that if WP_DEBUG is set, then the filter https_ssl_verify is set to false (and https_local_ssl_verify also).

    i.e. Anyone developing a site will no longer benefit from verification of SSL connections, reducing security.

    There is no reason to be doing that, and especially to be doing it without informing users that it’s being done. If you have a local development issue that means that you don’t want to verify SSL certificates, then that’s something for you, not something for everyone.

    David

Viewing 1 replies (of 1 total)
  • Plugin Author santerref

    (@santerref)

    Very good point and I removed this code block in version 1.0.1. Indeed, it is for a development environment, so it is better not to keep it.

    Thank you David!

    Francis.

Viewing 1 replies (of 1 total)
  • The topic ‘Reduces security’ is closed to new replies.