Security Questions

  • Steviebabes

    (@steviebabes)


    9 years, 10 months ago

    Hi
    I have a client, a firm of Solicitors and they are concerned about security.
    Where are the invoices stored? Are they accessible to anyone or only the specified user? If they are stored on the site, how soon can they be removed after they are created??

    Apologies for the next slightly newbie question, but how secure is the WordPress user database? My recommendation will be to create secure passwords and assign them to clients, though this creates an extra level of possible security compromise and management by the firms accounts department that I suspect will not necessarily be kept up..

    Thanks in advance

    https://wordpress.org/plugins/wp-invoice/

Viewing 1 replies (of 1 total)
  • Plugin Contributor Anton Korotkoff

    (@anton-korotkoff)

    9 years, 10 months ago

    Hello,

    1. Invoices are stored in WordPress database the way posts, pages are stored. Invoices meta data is stored in corresponding tables for meta in WordPress database as well.

    2. Invoices are accessible for all who has a secret URL. It is URL with random hash that references to specific invoice. But there is an option that allows to show invoices only for logged in recipients.

    3. You can add, remove invoices when you need. There is an UI with a list of invoices where you can manage them just when you need.

    4. This article completely describes all WordPress Security aspects http://codex.wordpress.org/Hardening_WordPress

    Thanks.

Viewing 1 replies (of 1 total)
  • The topic ‘Security Questions’ is closed to new replies.