Updated to version 4.0.9 to fix the problem of PDFs with sensitive data being publicly accessible. Despite this, I found that sensitive PDFs are still exposed on my domain and found on Google and Bing.
The plugin fails to secure sensitive data as promised. If you need to protect confidential information, this plugin is unreliable.
Search for: “PDF files found in Search Engines!” in the support forum to learn more.
Hi, there is no issue with the configuration but with the plugin as yourself noted in the changelog 4.1.2 “The issue with removing PDF attachments has been fixed.”. However, it is still leaving the PDF files on the server. I have created a htaccess file to block everything accessing that directory because a robots.txt is just not enough.
You’re correct. Yesterday, I updated to version 4.1.2, and you selected “Do you want to remove the PDF attachment after the mail is sent?” When “Yes” is selected, the PDF file is not added to the upload folder, but it is still added to the “plugins/generate-pdf-using-contact-form-7/attachments” directory. This is because the users can download the PDF after form submission. Please check the attached screenshot link for reference. screenshot link : https://prnt.sc/aUDxQ_IjEI4L
If you have any questions, feel free to ask; I’m also here to help.
ZealousWeb, uploads or the plugin directory, PDF files should stay private and secured.
domain.com/wp-content/plugins/generate-pdf-using-contact-form-7/attachments/*.pdf may not end up in search engines.
You should either inform all users about this or upon installation a .htaccess file is added to block bots or anyone from accessing. A client’s ID and bank account number ended up in search engines.
