New

Encrypt/hide the access keys in the S3 Cloud settings

Wednesday, December 22, 2021

1 Replies

308 Visits

This is just a suggestion to encrypt or otherwise make the access keys unable to be discovered by someone with server access.

When someone does a ransomware or other destructive attack, the solution is to store backups off server on somewhere like Amazon S3. However, if the S3 keys are easily found as they are in the cloud addon, then the attacker can easily get into the backups as well.

I don't know how this would be done in Wordpress, but it would be good for security.
Regards
Rob

Assistance

3 years ago

#17339

Hi,

Thanks for adding your feature request here.

This is just a suggestion to encrypt or otherwise make the access keys unable to be discovered by someone with server access.

When someone does a ransomware or other destructive attack, the solution is to store backups off server on somewhere like Amazon S3. However, if the S3 keys are easily found as they are in the cloud addon, then the attacker can easily get into the backups as well.

I don't know how this would be done in Wordpress, but it would be good for security.

This feature is not implemented yet, but I'll add it to our feature request list and keep that in mind for a future release.
If you need it urgently, please drop us a ticket (Menu Support > Support ticket). Our developer in charge will take a look at that.

Thanks a lot!
Best Regards,

Page :
1

There are no replies made for this post yet.