WordPress.org

Ready to get started?Download WordPress

Forums

Wp App Studio
Fundamentally Insecure (4 posts)

1 star
  1. Tom J Nowell
    Member
    Posted 1 year ago #

    The plugin relies on a remote host, which makes it fundamentally insecure. No matter how well the code is written, all it takes is a man in the middle attack and the entire stack is compromised.

    It would be better if the generated code was done on the server, and provided on the server like the boilerplate generators. Having a plugin to do it is opening up a security hole.

  2. gurumark
    Member
    Posted 1 year ago #

    I just replied to Franz. Wp App Studio is not gonna fix nobody's servers security problems.

    If you are worried about the security, man in the middle attack etc. or your network is not secure enough, use their demo server (demo.emarketdesign.com). Wp App Studio is installed and fully functional there.

    Generate your code there in their own server. That's what I do when I can not connect to company servers. Then you will be able to review the code, and see if it is safe enough for you. It is open source, modify, hack do whatever you want and make it useful for yourself and others. if you like to see more improvement, let them know. Their support team is great and very helpful.

  3. Tom J Nowell
    Member
    Posted 1 year ago #

    That's good, but that's how all the code should be generated and deployed

  4. gurumark
    Member
    Posted 1 year ago #

    Wp App Studio does not generate code. The backend SaaS server does. All process starts and finishes in their server. It does not touch your box at all. The code is then uploaded Amazon S3 then you are provided with a link to the app's (plugin) zip file. The plugin data is kept in S3 for 6 months so you can download from there whenever you want.
    I also asked them to host the plugins generated in their servers and make them available to our clients. They said they are working on the setup.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.