This plugin allows you to insert a «secure form» into your website through a simple shortocde. It is usefull when you need to receive sensitive data of any kind, establishing a «safe channel».
The data is sent encrypted with your PGP public key.
Just fill in some plugin options:
- The destination email (your email)
- Your PGP public key in ASCII armored version
Hint: to see your private key you can enter your computer console and run two commands, one to list and one to export (must have GnuPG):
gpg --armor --export username@email
Remember your public key needs to be exported in ASCII armored version, this means that will be surrounded with:
-----BEGIN PGP PUBLIC KEY BLOCK-----
-----END PGP PUBLIC KEY BLOCK-----
Once the shortcode is placed into a page or post, it will render a form with the following fields:
How it works
The message field will be encrypted with your PGP public key and sent as an attachment in ASCII format to the destination email you have configured.
When creating the plugin logic I have made sure that the message field is never sent to the web server, the data is previously encrypted (on the fly) using OpenPGP.js library in the user who is browsing the website.
You will only be able to decrypt the content of the attached file if you have the PGP private key belonging to the public key with which the message was encrypted.
Remember that the purpose of the plugin is only to display a form on your website and encrypt the information that is sent through the «message» field. This plugin does not take care of decrypting the attached file, this task is left to each user in the way they want.
Some usage examples
- Receive secret messages
- Receiving passwords from clients or friends
- Reception of sensitive information
In order to use this plugin you need to have or create a PGP key pair. If you don’t have your key pair generated you can browse the internet on how to generate it.
There are many ways to generate the key, each have a different impact on security.
TIP on generating PGP key pair
One of the best ways of generating your PGP key pair is using a computer witout Internet connection and using Tails OS.
When you cannot find the answer to your question on the FAQ section, check the support forum on WordPress.org. If you cannot locate any topics that solve to your particular issue, post a new topic for it.
Remember this support is offered for free and can take some hours/days to answer and solve your issues.
Secure Contact Form needs your support
It is hard to continue development and support for this free plugin without contributions from users like you. If you enjoy using Secure Contact Form and find it useful, please consider making a donation. Your donation will help encourage and support the plugin’s continued development and better user support.
With the default configuration, this plugin, in itself, does not:
- Track users by stealth
- Write any user personal data to the database
- Send any data to external servers
Actually the plugin ships in English and is translated to Spanish.
You can contribute and translate this plugin to your own language.
- Upload the entire
secure-encrypted-formfolder to the
- Activate the plugin through the Plugins screen (Plugins > Installed Plugins).
You will find Secure Encrypted Form menu in your WordPress admin screen.
How to prevent and filter SPAM?
You can use some service like Google Recaptcha v3 for now. More comming soon.
My server is not sending emails
Your server may be restricted or disabled to send emails. In that case you can use a SMTP plugin to send authenticated emails as WP Mail SMTP. Always remember to check your SPAM folder.
Contributors & Developers
“Secure Encrypted Form” is open source software. The following people have contributed to this plugin.Contributors
- Fixed donation links.
- Added logs link on admin.
- Added ‘from’ and ‘to’ parameters on logs.
- Added detection for PHP mail() function.
- Updated feedback messages.
- Fixed initialization of plugin options, thanks to @nilovelez for commenting the problem.
- Fixed options leading spaces on inputs.
- Added loading status icon.
- Initial launch.