NO SSL Flash Upload WordPress Plugin Review
If you are using SSL (https) to secure your WordPress admin sessions and you have an SSL certificate that is not trusted by default (because it is self- signed, signed by an untrusted certificate authority, signed for a different
domain name, etc.), then you probably have problems using the Flash uploader.
This plugin disables SSL usage by the Flash uploader. This allows you to use the Flash uploader when you have FORCE_SSL_ADMIN enabled, with an untrusted SSL certificate. This works around the vague “IO Error” you get from the Flash uploader in such a situation.
Note that this plugin comes with the following security implications:
- Flash uploads no longer use SSL, thus, your uploaded files aren’t encrypted
during transmission. - Uploading files with the Flash uploader will transmit your WordPress
authentication cookie in plain text. - If someone captures your login cookie (which is transmitted any time you load
a page on your WordPress site while logged in, whether you are using SSL or
not), they may be able to use it to upload files, view information about
uploaded files, or change information about uploaded files.
If the benefit of having the Flash uploader available outweighs these potential security risks for you, then you can use this plugin to enable the Flash
uploader.
Note that this plugin override’s WordPress’s auth_redirect and wp_validate_auth_cookie functions, and may not work if you are using other
plugins that override these functions.
Download: NO SSL Flash Upload
Related Posts
-
Top 10 Traffic Builder WordPress Plugins
Posted on Oct 6, 2010
-
WordPress Popup Scheduler Plugin Review
Posted on Aug 2, 2010
-
SocioFluid WordPress Plugin Review
Posted on Jul 25, 2010
-
Gregarious WordPress Plugin Review
Posted on Jul 25, 2010
Tags
Share This
thank you your post, it very interesting , i will try it. thank you very much!