Secure Version Not Very Secure
-
I paid for the “Secure” version of this plugin…
The pdf direct download link is in plain text in the page source and post headers (pdfemb-serveurl) 🙁
Instructions say uploading the PDF in the securepdfs/ folder ensures security and enabling the secure settings creates a backdoor path, not so. I was able to directly access the file from a browser without using a referrer header and download the file. A content Bot would have no issues scraping PDFs.
Caveat Emptor
On a positive note, the plugin does have a small memory footprint, that should help with page load speed 🙂
- The topic ‘Secure Version Not Very Secure’ is closed to new replies.