Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the pue-sales domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/staging-poc/public_html/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the better-click-to-tweet domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/staging-poc/public_html/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the pue-amazon domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/staging-poc/public_html/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the pue-stats domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/staging-poc/public_html/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wordpress-seo domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/staging-poc/public_html/wp-includes/functions.php on line 6114
Security Questions | Event Espresso - Staging Server

Support

Home Forums Event Espresso Premium Security Questions

Security Questions

Posted: December 20, 2013 at 1:22 pm

Viewing 4 reply threads


Angela Haddon

December 20, 2013 at 1:22 pm

Hi, I have two pretty general security questions:

1. I notice that links for event tickets, account details, and invoices are sent to the attendee via email, and that these links do not require any login to access ie. they are publicly available. Given that the invoice includes sensitive information such as attendee name, email, and the particular event they wish to attend, is this a security risk? I assume these are temporary links that aren’t indexed, but I just wanted to check the security implications.

2. If my client processes all payments through third-party sites, would you still recommend forcing an SSL connection for the Registration Page & Shopping Cart (ie. is it advisable that she purchase an SSL certificate for these pages), or would that be overkill?

I really appreciate your help in this matter!


Garth

  • Support Staff

    •

December 21, 2013 at 12:19 am

Hi Angela,

How are you today?

1) Those links are not indexed and generally very unique.
2) If by third-party websites you mean an off-site payment gateway then you do not need a SSL. If you plan to process payments with an on-site gateway then a SSL certificate is highly recommended.


Angela Haddon

December 22, 2013 at 2:54 pm

Hi Garth, and thanks for that information; just wanted to be sure. The payments will be processed off-site, so that’s not an issue. However, do you find that there is any kind of issue with spamming on the registration page? Would you advise adding reCaptcha or similar? Thanks again, and Merry Christmas!


Dean

  • Support Staff

    •

December 23, 2013 at 2:18 am

Hi,

Some users get more spam than others. The reCAPTCHA system is available (General Settings) and will help reduce against bot spam, but for the increasingly common human spam there is little defence.

If you are suffering from spam registrations then try reCAPTCHA and see if it helps.

If it doesn’t help you could try something like http://wordpress.org/plugins/better-wp-security/ or even start blocking IP addresses (in blocks if necessary).


Angela Haddon

December 27, 2013 at 12:03 pm

Hi Dean – thanks for that; much appreciated!

Viewing 4 reply threads

The support post ‘Security Questions’ is closed to new replies.

Have a question about this support post? Create a new support post in our support forums and include a link to this existing support post so we can help you.

The original Forum description...

Status: closed

Updated by Angela Haddon 11 years ago ago

Topic Tags

Tagged: , ,

Notifications

This topic is: resolved
Event Espresso - Staging Server