Support » Plugin: SSL Insecure Content Fixer » Test page prints env variables with sensible information

  • Hi,

    I’m using environment variables to pass data to the wp-config.php file. The test page of this plugin prints an array where my variables are printed with their values. This is a hole security for me and cannot use the plugin then… Why does the plugin have such behaviour?

    • This topic was modified 4 months, 3 weeks ago by  miguelitomola.
    • This topic was modified 4 months, 3 weeks ago by  miguelitomola.
Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author webaware

    (@webaware)

    G’day miguelitomola,

    That’s there to help me diagnose why a WordPress installation can’t detect HTTPS.

    Can you tell me please, what are your environment variables called? And are you adding them as environment variables, or server variables?

    cheers,
    Ross

    Hello webaware,

    Thank you for your reply.

    The names of the variables: WCAPI_DB_NAME, WCAPI_DB_USER, WCAPI_DB_PASSWORD, WCAPI_DB_HOST and WCAPI_SITE.

    They are environment variables in a Docker container where the Apache server is running. In order to access them with php, I have used the PassEnv directive in an Apache conf file (https://httpd.apache.org/docs/2.4/mod/mod_env.html). In conclusion, they are both environment and server variables.

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.