Jump to content

DesB

New Member
  • Posts

    3
  • Joined

  • Last visited

Profile Information

  • Gender
    Male
  • Location
    Staffordshire
  • Boat Name
    Farne

Recent Profile Visitors

149 profile views

DesB's Achievements

0

Reputation

  1. DesB

    DVCC

    Thanks for the response and additional info in your PM. When I Googled the full link to the file, only 2 results were returned - a link to the file itself and a link to this thread. Clearly my arithmetic skills are a little rusty, as 2+2 does not make 5! I guess we will never know where the initial leak came from. It is also a timely warning that basic WordPress security leaves a lot to be desired. Incidentally, it is not my club - I am a member of a different AWCC club but run the AWCC website.
  2. DesB

    DVCC

    Was that before or after the link was posted here?
  3. DesB

    DVCC

    Just to give some background on this... The AWCC Handbook is available in the members area of the AWCC website, open to current members of AWCC affiliated clubs. At the top of the page from which it is generated, the following statement is prominently displayed:- "The AWCC handbook (in either paper or electronic format) must only be issued to current members of an AWCC club. Under no circumstances should it be made available on any other club website unless access to it is restricted to current members of that club in a secure area of the site." The club in question had published a copy in the members area of their website which was password-protected using the standard WordPress facilities. Unfortunately, these facilities only protect the pages on which the uploaded file link is available, not the uploaded file itself. This is fine providing the link to the file is not made available to those outside the club. Once the link was posted on this forum the web crawlers were able to access the handbook pdf file and index all the entries in it. Within 48 hours of the link appearing on this site, the AWCC Treasurer had received a scam email purporting to come from the AWCC Chairman, based on names and email addresses that were current at the time that version of the handbook was produced but which have subsequently changed. Furthermore, details of officers of all AWCC clubs have been made available outside the limit of AWCC club members which is contrary to the basis on which they agreed to have their details included in the handbook and is therefore in contravention of the current data protection legislation. This is not acceptable. The club in question has now removed the handbook file from their website and has further password-protected their upload directory. Alias says that they are not a member of an AWCC club; I would be most interested to learn where they got the link to the file from so that we can ensure such leaks do not occur in the future - you can PM me, unfortunately I cannot PM you as my number of postings on this forum is insufficient to allow me to do so. For future reference, details of all AWCC clubs are available on the public side of the AWCC website at https://awcc.org.uk/clubs_find1.php. Clubs are encouraged to publish skeleton details there for the benefit of potential members which would normally include a general club email address, contact details for the membership secretary, club website address (if one exists), the correspondence address for the club plus a profile of the club. Unfortunately, DVCC have chosen to only publish the correspondence address, but that is their choice. Des Barnard AWCC Webmaster
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.