[wp-hackers] Encrypting comment_author_IP, comment_author_email and user_email

Otto otto at ottodestruct.com
Fri Oct 23 19:15:36 UTC 2009


On Fri, Oct 23, 2009 at 12:20 PM, William Canino
<william.canino at googlemail.com> wrote:
> I would like assurance that someone who gains db access to the blog or
> get hold of a SQL dump cannot harvest email addresses.
>
> Also, if this is something one shouldn't worry about, why not?

If somebody gets DB access, then you're pwned already. They can do
much worse things than simply harvest email addresses. Your site is
basically under their control at that point.

-Otto


More information about the wp-hackers mailing list