DivertDigital GDPR
| 开发者 | zeddivert |
|---|---|
| 更新时间 | 2018年5月15日 16:58 |
| PHP版本: | 5.3 及以上 |
| WordPress版本: | 4.9.4 |
| 版权: | GPLv2 or later |
| 版权网址: | 版权信息 |
详情介绍:
With upcoming General Data Protection Regulation (GDPR) websites have requirements to protect personal data of their users.
This plugin offers following:
- Pseudonimization of user private data (including WooCommerce if installed)
- Newsletter consent trail
- Download all user data
- Forgetting user personal data
安装:
- Upload the plugin files to the
/wp-content/plugins/directory, or install the plugin through the WordPress plugins screen directly. - Activate the plugin through the 'Plugins' screen in WordPress
- Use the Settings->GDPR screen to configure the plugin
- Modify permisions for /wp-content/newsletter_consents and /wp-content/enc_keys to be writtable by the web server user
屏幕截图:
常见问题:
Why store encryption key as file?
GDPR Article 17 requires that all data be removed, even from backups. If SQL file backups contain the key in database, private information is accessible by just restoring that data. When using encryption as key personal data in the SQL file backups are not readable without it. When removing the user or forgetting his data, removal of the key file makes the data in backups void (unable to be read as we dont have key anymore). Our recommendation is to configure backup system to exclude the keys in regular backups and just synchronize the keys with rsync on the backup server with option to match delete actions in keys folder. Also it improves security by requiring potential hacker to have access to both database and filesystem.
更新日志:
1.0.4
- Added checks for required folders before enabling encryption
- Added check to generateKeys
- Fixed required PHP and WordPress version. Added image assets.
- Fixed install instructions
- Code reorganisation and better compatibility
- First public release