- This topic has 2 replies, 3 voices, and was last updated 11 years, 8 months ago by .
Viewing 3 posts - 1 through 3 (of 3 total)
Viewing 3 posts - 1 through 3 (of 3 total)
- You must be logged in to reply to this topic.
WordPress Membership Plugin
Simple Membership Plugin › Forums › Simple Membership Plugin › Major security breach after quitting Browser!!
Tagged: log out, Quit Browser, Security
Hi, The problem I have with this and other plugins like this is if someone (in our case one of the Directors) quits the browser after logging in anybody else can reopen the browser and view the “protected” page without needing to log in. Major security breach. Is there anything that can be set up to stop this.
I don’t think this is a problem with the plug-in per se. If I am logged into a web site (e.g. my airline account) and I close the browser, and then quickly re-launch the same URL, I am still logged into that account.
So, I believe this may be more of a problem with WordPress Ajax login credentials and account maintenance/browser than the plug-in itself. I’m not up-to-speed enough to understand the login/account issues.
Your “semi-public” computer has cache turned-on, so the browser honors that. I believe there is a way to have the browser kill-off all cache and history when closing.
Good luck.
@josephm, This is a standard browser behavior (not an issue with the plugin). If you are using facebook on a browser and then you close the browser without logging in, then if you re-open the browser what happens? You will still be logged in. If you logout then you won’t see this behavior. If it is a public computer then you want to set the browser to clear everything (cache, cookie etc) when it is closed.