security breach?

  • Resolved alm06130

    (@alm06130)


    3 years, 3 months ago

    I just begin to use your great plugin, but found some drawbacks.
    The file log.txt located in wp-content seems readable by everyone.
    I think this is not suitable, because it displays secret key among other data; if debug turned on in real mode, the secret key displayed is the real mode secret key, or am I wrong?
    I think at least permissions on file would be modified, so that web server can’t access it ; settings should permit to locate debug file outside web server access.

Viewing 1 replies (of 1 total)
  • Plugin Author Noor Alam

    (@naa986)

    @alm06130, It’s for debugging purposes only. If you disable the debugging option in the settings the plugin will not write anything to the log file.

Viewing 1 replies (of 1 total)
  • The topic ‘security breach?’ is closed to new replies.

Tags