Can I make WP custom forms secure?

  • Author
    Posts
  • #1160966

    mubeen8
    Member

    Hi there,
    I’m relatively new to WP and have been working on my new website: safe-therapy.com

    I’m trying to host hushmail secure forms on the site to protect my clients’ confidentiality. Am I right in thinking this is not possible on WP? Hushmail gives a line of code to amend a form to make it secure but it doesn’t work…

    Mubeen

    The blog I need help with is safe-therapy.com.

    #1161021

    mubeen8
    Member

    I think I’ve found my answer.. WP doesn’t allow changes to HTML code in the way hushmail needs to do to make it secure.. :(

    any suggestions/alternatives to create a custom form and make it secure?

    #1161057

    mubeen8
    Member

    Hopefully, someone can answer this.. in relation to the above issue:

    The wordpress support pages say: “If you want to use an email provider that is not listed in our Add Email page, you will need to obtain the custom DNS records from your provider. This will consist of one or more MX records, and often an A record and/or a CNAME record as well. Refer to our support page about custom DNS records in order to format your records correctly.”

    If I get the custom DNS records from hushmail, will the information entered onto a wordpress web form then via hushmail to my hushmail email address.

    Really hope someone can answer this!

    #1161067

    raincoaster
    Member

    I’m not sure what you’re asking here: are you asking about the confidentiality of the people entering information into the forms, or about your own confidentiality? Your personal email is never exposed to the people using the form.

    #1161081

    mubeen8
    Member

    The confidentiality of people entering info onto the form – it’s an online counselling website and I need something more secure than regular email to send me their info.

    #1161096

    raincoaster
    Member

    There’s no way to force them to use hushmail or a secure service, but the Contact Form itself isn’t exactly email to email; it’s website to email, so if you don’t make an email address a required thing, then they should be able to jsut fill in the form without it.

    #1161102

    mubeen8
    Member

    Thanks for your reply. I understand that I can’t make them sign up to hushmail or another secure service.

    The issue is that It is not only a Contact Form I want to set up but a custom form asking personal questions about mental health issues to help me assess whether they would be suitable for online counselling.

    My concern is about how vulnerable that client information would be en route from the website to me. I’m hoping to encrypt the information they enter when they press submit, and keep it secure while it is sent to my hushmail email account, where it is unencrypted for me.

    I have paid for an extra Hushmail secure forms service that gives me a line of html code to add to forms to make them secure by encrypting the information. I did this because I read on the WP support pages that the info entered onto a custom form is sent to me in a way that is no more secure than regular email – which I dont feel is safe enough for my clients.

    I hope I’m making sense!

    #1161104

    raincoaster
    Member

    You will not be able to do that using a WordPress.com contact form: it simply generates an email, unencrypted. If you can embed some other secure code in some webspace, you can link to it.

    #1161105

    mubeen8
    Member

    Thanks. I’m trying that now – with the help of a developer.

    #1161106

    raincoaster
    Member

    If these are counselling sessions, why don’t you conduct them on a private IRC?

    #1161107

    mubeen8
    Member

    No they’re not counselling sessions – this bit is purely for answering queries and getting the initial assessment info. I’m not planning to use IRC.

    Thanks for the suggestion, though. I’ll probably go for Skype video/audio along with asynchronous encrypted emails when I’ve agreed to continue working with a client.

The topic ‘Can I make WP custom forms secure?’ is closed to new replies.