WordPress.org

Ready to get started?Download WordPress

Forums

Job Manager
All Resume's are crawled by Google and publicly available (24 posts)

  1. aarongray
    Member
    Posted 2 years ago #

    Hello,

    Thanks for the awesome plugin. It really is great. But, today, to my horror, I discovered that all our resume's are publicly crawled by Google. So, any competitor, or anyone interested in who is applying to our company, or anyone searching for a particular person by name will see that this person has applied to work with us. This is not good.

    My first thought was simply to disallow the wp-content/uploads folder in my robots.txt file, or to disallow all docx/pdf/doc/etc. files. But then I realized that this might hurt our site from an SEO standpoint, because Google would not be able to access any of our images or pdf's.

    My second thought would be to immediately delete a person's resume after they apply. This would hide it from the world, but it would also seriously hamper our ability to use Job Manager to track applicants and resume's. We'd have to start storing them in a local folder in addition to using Job Manager. Which really defeats a lot of the advantages of managing H/R through your website.

    My best guess would be to change the Job Manager plugin code so that it stores all resume's in a subfolder, for example, wp-content/uploads/resumes. Then, you could add a checkbox to the Job Manager Settings inside WordPress Admin that would allow people to hide or show their resume's to the world. I'd assume that most people would want to hide them by default.

    How difficult would this be for you to program into an updated version of Job Manager? Is it possible you could add this improvement to keep resume's private? I think that this is a very important feature, and I look forward to hearing if you can add it.

    Thanks again for the wonderful plugin.

    --Aaron

    http://wordpress.org/extend/plugins/job-manager/

  2. oklahomafire
    Member
    Posted 2 years ago #

    I agree, this a huge privacy issue!!!!

  3. kenfections
    Member
    Posted 1 year ago #

    Does anybody have a solution for a Jobs Manager plugin that doesn't have this privacy issue? My client is pretty pissed.

  4. websmythe
    Member
    Posted 1 year ago #

    Possible workaround...??
    1. Dissallow resume uploads in Job Manager
    2. Provide a clickable link (the email link defined for that job) for email upload, eg:
    <a href="mailto:name@site.com">Click here to email your resume</a>

  5. kenfections
    Member
    Posted 1 year ago #

    Thanks websmythe!!! I'll try the second one.

  6. websmythe
    Member
    Posted 1 year ago #

    @kenfections - You need to do both 1 & 2

  7. websmythe
    Member
    Posted 1 year ago #

    In your App. Form Settings, use an HTML field instead of a 'File Upload field', and use a mailto: link like the above, with what ever email address your using.

    You can also specify the subject line as well, eg: 'Click here to email your resume'

  8. kenfections
    Member
    Posted 1 year ago #

    But if I add that field to the application form, the user would have to come back to their browser after sending their resume via an email and click "submit application", no?

  9. dvinedno
    Member
    Posted 1 year ago #

    That's correct. the mailto: would defeat having an application form.

    I'm looking at this issues and currently my only work around is have the apply now direct to a contact form 7 application.

  10. websmythe
    Member
    Posted 1 year ago #

    Hmmm... Let's see, I'm sure I said "Possible workaround...??"

  11. Recruiter1
    Member
    Posted 1 year ago #

    It was an excellent idea websmythe. Haven't heard anyone come up with better idea. It is worth just having an email your resume link instead of putting candidates' resumes out for public consumption.

    Has Gary responded to anyone?

  12. blinqx
    Member
    Posted 1 year ago #

    Why not just remove the read flag from (group and world) directory

    http://www.yourdomain.com/wp-content/uploads/2012/

    This will disallow the world and groups to reach out to the above folder. But you "admin" can always follow the link in the emails that you receive everytime a user registers for a job posting. And that works fine.

    Unless I am missing something and or this is causing other issues?

    Hope this helps.

  13. aarongray
    Member
    Posted 1 year ago #

    Thanks for the suggestion blinqx, but I believe that changing the permissions on that directory would prevent all not-logged-in site visitors from being able to view any of the images or files that you have uploaded to your WordPress site. Many times WP sites use content in this folder for their site design or content, and so if you change the permissions on that folder, it would cause your website to look horrible.

  14. webrightnow
    Member
    Posted 1 year ago #

    Half the problem with this plugin is that instead of using its own set of functions to handle job posts and applications, it simply hijacks the core WordPress functions for creating posts and attachments. For this reason you can't change where attachments are stored - you would have to change the core WordPress files, making future updates a real hassle.
    I can see why the developer did this: it made his job much easier, but unfortunately this way of creating plugins is not future-proof, which is why all sorts of problems are starting to appear with Job Manager as WordPress moves on (broken pagination etc.) whilst the plugin is no longer supported.
    I just wish some other kind soul would take over development of this plugin and keep it up to date. It's the only one that really does what I need it to - but it's no longer safe or reliable.

  15. Gary Pendergast
    Member
    Plugin Author

    Posted 1 year ago #

    As webrightnow pointed out, the problem here is that Job Manager relies entirely on the the Media Library, instead of handling the upload itself. It was a cute idea at the time, but in retrospect, the wrong decision.

    There is a large amount of cruft in the Job Manager codebase (the basis of problems such as this and the pagination issue), so a friend and I have started rewriting it to more modern WordPress standards.

    For those interested in following along at home, I've started a Rewrite Plan (for which comments are always welcome), and the (currently non-functional) branch is here, if you want to follow development progress:
    http://wordpress-job-manager.googlecode.com/svn/branches/1.0.0/

    If following development progress isn't your thing, but you'd like to be notified when an alpha or beta version is available for testing, please follow me on Twitter: @GaryPendergast.

    I understand Job Manager is a critical part of your website for many of you, and it hasn't had much love recently - I do apologise for that. Thank you all for your patience in this.

  16. webrightnow
    Member
    Posted 1 year ago #

    Thanks Gary, it's great to hear that you are rewriting the plugin and bringing it up to date. I'm sure a lot of users will be very grateful.
    I will follow you on Twitter to find out about beta releases. Just one question: will you be able to rewrite it in such a way as to allow previous users to update the plugin via WordPress, retaining the existing database of jobs and applications, or failing that, will there be some sort of import facility built into the program? I am sure this would be a welcome feature.

    Thanks!

  17. Gary Pendergast
    Member
    Plugin Author

    Posted 1 year ago #

    Backwards compatibility, or some sort of upgrade process will definitely be part of the new version, and something I'll be asking for help with testing. It will be one of the last parts written - we want to write the new version without feeling like we're restricted by existing data structures - but there's not much point rewriting a plugin if all of the existing users can't upgrade to it. :-)

  18. aarongray
    Member
    Posted 1 year ago #

    Gary, its great to hear that you're updating this plugin. Thanks for chiming in and giving us the scoop! Looking forward to what's coming. :-)

  19. archiseek
    Member
    Posted 1 year ago #

    Great news Gary - looking forward to a revitalised plugin.

  20. voozer
    Member
    Posted 1 year ago #

    I just want to say this is a great, great plugin. I've only started building my company site (never knew anything about wordpress/coding/anything a few weeks ago, but now I'm up to speed), and I'm primarily building it around this plugin which will be perfect for me and my company.

    I do have a few questions about the update (as I wasn't aware until I stumbled on this thread of the exposed CV issue):

    1. Will the uploaded resume feature still be included? It's great!

    2. What about XML feeds for sites like indeed.com or simplyhired.com? Will that be included in the new version?

    3. Is custom user log-in a reality? Say for example I have 8 - 10 people working in my company at some point, will they be able to log straight into a job-management portal rather than trawl through the wordpress corridors to get to the destination?

    In its current form I'm able to utilize job-manager's functionality in a very modest sense. I must admit, compared to what I would've done in its place, there is no comparison... but I am definitely looking forward to a revamp so I can unleash its full potential over my site.

    Again, I'm really appreciative of this plugin and your (and your team's) hard work. And I cannot thank you enough for doing it on a donation basis (I have avoided the word "free" as anything worth something should cost something). I will be sure to visit the donation page!

    Great work.

  21. voozer
    Member
    Posted 1 year ago #

    Another idea I had was for dropdown boxes in the job form creator so preselected text (ie - perm or contract options) could be utilized for ease. Just a thought... throwing it out there!

    Also, I should ask, is there a way to utilize the category feature to create a search engine at the top of the jobs page?

    I'm an extreme newbie so please be sensitive in answering as I'm dumb as rocks... sorry if my question is either extremely naive to the simplicity or complexity of my request. =(

    Thanks!

  22. webmarketinghub
    Member
    Posted 1 year ago #

    Another question in this same realm is 'encryption' and is the script secure and how vulnerable is it to exploitation. The script would need to encrypt that information instead of storing it in plain text to be very secure because employee applications contain sensitive information.

  23. bakjesbv
    Member
    Posted 1 year ago #

    Is there not an easy option that the CV can be attached to the email as an attachment while not being stored in the wordpress media library? This would solve the problem for the time being until a new version is available. The downside is that the online database will not be fully functional. But it depends then whether you use this or not.
    Many thanks!

  24. ArtGoddess
    Member
    Posted 1 year ago #

    Hello Gary,

    How is going the development of the new version?

    We would be more than happy to test a beta version of Job Manager, and continue with translation.

    Would be very nice that Automattic let you invest time in your plugin.

    Please, let us know anything.

    THANK YOU for your time and effort.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic