hartleyit

Forum Replies Created

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter hartleyit

    (@hartleyit)

    Thinking about it further, I’m also concerned about the data which might leak out of the CSV file, as this is also published in a zip file in the uploads directory. In particular usernames, email addresses, and any other ‘sensitive’ elements which might be configured to be included. If these were to leak out it would almost certainly be a Data Protection breach…

    Thread Starter hartleyit

    (@hartleyit)

    Thanks for the explanation Josie, this confirms my thought that the best that can be done with the current release is to configure the Apache access rules for the folder(s).

    Would it be a big change to use a folder other than uploads? Or better still even to have the location configurable when the plugin installs?

    Thanks again

    Steve

Viewing 2 replies - 1 through 2 (of 2 total)