A super customizable contact form that lets your visitors send you email. Blocks all automated spammers. No templates to mess with.
|Author:||fastsecure (profile at wordpress.org)|
|WordPress version required:||3.4.2|
|WordPress version tested:||4.8.1|
|Added to WordPress repository:||27-08-2009|
|Total downloads:||7 667 225|
|Active installs:||400 000+|
Click to start download
screenshot-1.png is the contact form.
screenshot-2.png is the contact form showing the inline error messages.
screenshot-3.png is the
Contact Form optionstab on the
screenshot-4.png adding the shortcode
[si-contact-form form='1']in a Page.
screenshot-5.png Schedule an appointment feature.
Install automatically through the
Add Newmenu in WordPress, or upload the
si-contact-formfolder to the
Activate the plugin through the
Pluginsmenu in WordPress. On the Admin screen use the Plugins side menu to select FS Contact Form to configure the forms.
You must add this shortcode
[si-contact-form form='1']in a Page, Post, or Text Widget. You can find this shortcode on the Basic Settings tab of any form. Here is how to add the shortcode: Log into your blog admin dashboard. Click
Add New, add a title to your page, enter the shortcode
[si-contact-form form='1']in the page. Uncheck
Allow Comments, then click
Test an email from your form.
Updates are automatic. Click on “Upgrade Automatically” if prompted from the admin menu. If you ever have to manually upgrade, simply deactivate, uninstall, and repeat the installation steps with the new version.
For best mail delivery results, be sure to properly configure the email settings on the Basic Settings tab:
Read the following instructions and watch the YouTube video below:
Set the “Return-path address” setting to a real email address on the SAME domain as your web site. This step really is ALWAYS necessary so mail is properly identified as originating from your server. For best results the “Email To” and the “Return-path address” should ALWAYS be separate REAL email addresses on the SAME DOMAIN as your web site (don’t skip this important step!).
Some people will like to set the “Email To” to a gmail.com, outlook.com, or some other webmail address (if that is what you want, go ahead and try it), but the “Return-path address” should ALWAYS be set to a real email addresses on the SAME DOMAIN as your web site. If you try a webmail address and your mail is not sending, try changing the “Email to” address to a REAL email addresses on the SAME DOMAIN as your web site. You can still deliver it to your webmail address by forwarding the email from a setting in your hosting control panel, or configuring your webmail to fetch a mail account.
Next step, check this setting box:
Enable when web host requires “Mail From” strictly tied to site (don’t skip this important step!).
Click “Save Changes”, then test your form’s mail delivery by sending a message from the form on your page. When testing your form on your page, do not fill out the email field with the same email address as the “Email To” or “Return-path address”. Use a different email address because some server’s security settings do not allow email to send from/to the same address.
If you have other forms in use, be sure to repeat these settings for each form.
Now your email is properly configured for best delivery. Your form Email should now be DMARC compliant for users who submit your form with yahoo, aol, comcast, or any other provider who now requires DMARC compliance.
The email you receive will appear to be from your site email address, but because the email header “Reply-to” is set as the form user’s email address. You should be able to just hit reply and send email back to the real sender. Also you should see the sender’s email address in the message content. So it is still possible to send mail to that address if the “Reply-to” is somehow ignored by your email program.
I just installed this and do not get any email from it, what could be wrong?
Follow the instructions above, but if you still need help…
I just installed this and do not get any email from it, what could be wrong?
If I upgrade from version 3.xx, will my forms and settings be lost?
No, it will automatic import of settings from versions 2.5.6 up to 3.xx. As long as you do not use the delete button when deactivating the plugin.
You can and should make a backup of your forms.
I upgraded from version 3.xx, to 4.xx and my forms and settings did not import
The forms should have imported. In some rare cases, they don’t import. Sorry for any inconvenience.
Update to the latest version, click the button on the Tools tab “Import forms from 3.xx version”.
More help is on this help page:
I upgraded to 4.xx version and my forms did not import
What happens during upgrade from 3.xx, where are the settings stored?
The upgrade is run automatically only once after installing or upgrading the 4.xx version over a 3.xx versions.
The 4.xx version uses different wp options settings than 3.xx
The options settings are rows in the wp_options database table.
During 4.xx install, the installation looks to see if 4.xx options are not present(first time install), and if 3.xx options are present(3.xx was installed previously), if it passes both those tests, then it runs the import code in
How do I backup or restore my forms?
On the Tools settings tab is a backup / restore tool.
The backup / restore feature can be used for backups or as a site to site transfer. You can back up ALL forms and transfer ALL forms to the same or new site using the restore feature. Or you can back up individual forms and restore them to the the same or new site replacing any one form selected during the restore. Please consider that restoring one form or ALL forms makes permanent replacements to the forms already on the site you restore them to.
Read more about backups
Is this plugin available in other languages?
Yes. To use a translated version, you need to obtain or make the language file for it.
At this point it would be useful to read Installing WordPress in Your Language from the Codex. You will need an .mo file for this plugin that corresponds with the “WPLANG” setting in your wp-config.php file. Translations are listed below — if a translation for your language is available, all you need to do is place it in the
/wp-content/plugins/si-contact-form/languages directory of your WordPress installation. If one is not available, and you also speak good English, please consider doing a translation yourself (see the next question).
The following translations are included:
- Albanian (sq_AL) – Romeo Shuka
- Arabic (ar) – Jasmine Hassan
- Bulgarian (bg_BG) – Dimitar Atanasov
- Chinese (zh_CN) – Awu
- Danish (da_DK) – GeorgWP
- Farsi (Persian)(fa_IR) Ramin Firooz
- Finnish (fi) – Mikko Vahatalo
- French (fr_FR) – BONALDI
- German (de_DE) – Sebastian Kreideweiss
- Greek (el) – Ioannis
- Hebrew, Israel (he_IL) – Asaf Chertkoff FreeAllWeb GUILD
- Hungarian (hu_HU) – Jozsef Burgyan
- Italian (it_IT) – Gianni Diurno
- Japanese (ja) – Ichiro Kozuka
- Norwegian Bokmal (nb_NO) – Tore Johnny Bratveit
- Polish (pl_PL) – Pawel Mezyk
- Portuguese (pt_PT) – AJBFerreira Blog
- Portuguese Brazil (pt_BR) – Rui Alao
- Romanian (ro_RO) – Anunturi Jibo
- Russian (ru_RU) – Iflexion
- Spanish (es_ES) – Manuel
- Swedish (sv_SE) – Elger Lindgren
- Traditional Chinese, Taiwan (zh_TW) – Cjh
- Turkish (tr_TR) – Tolga
- Ukrainian (uk_UA) – WordPress Ua
- More are needed… Please help translate.
Can I provide a translation?
How to translate Fast Secure Contact Form for WordPress
Is it possible to update the translation files for newest version?
How to update a translation of Fast Secure Contact Form for WordPress
For more help… See the official FAQ at FastSecureContactForm.com
What is the “Schedule an appointment” button on my contact form?
You can extend your contact form to let your users to schedule appointments based on your availability.
Learn more about Why should I add Online Scheduling to my website
You can enable or disable this option in the “Scheduling” tab of your contact form plugin settings page.
If you have additional questions visit vCita Support Page
4.0.55 – 8 August 2017
- Updated version number stored in the database.
- Further code reorganization steps.
4.0.54 – 28 July 2017
- I’m starting to update all the language files to reflect the new strings. Please submite your localization!
- Fixed a regression bug introduced as a typo during the first round of code clean-up.
4.0.53 – 27 July 2017
- Code clean-up for improved readability and maintainability. This will help me add new features more quickly.
4.0.52 – 20 June 2017
- Fix readme.
4.0.51 – 25 May 2017
- Fix PHP 7.1.4 error PHP Warning: A non-numeric value encountered.
4.0.50 – 10 Mar 2017
- Make sure the reCAPTCHA is branded as the reCAPTCHA V2 “I’m not a robot”, not Invisible reCAPTCHA.
- Update French (fr_FR) – BONALDI (thank you).
- Fix some strings that could not be internationalized.
4.0.49 – 12 Feb 2017
- Remove ini_get booleen test to check if safe_mode may be on or off. Older PHP versions that use safe mode are unsupported now anyways.
- Update Mike’s plugin links
4.0.48 – 04 Feb 2017
- Fix compatible with my soon to be released Fast Secure reCAPTCHA plugin.
4.0.47 – 03 Feb 2017
- Make compatible with my soon to be released Fast Secure reCAPTCHA plugin.
- Move settings link from the Plugins menu to the Settings menu.
- Fix some strings that could not be internationalized (a few more to will be fixed soon).
- Improve the reCAPTCHA functions, HTML, and settings.
4.0.46 – 20 Jan 2017
- Added Google reCAPTCHA. By default, the original Secure Image CAPTCHA is enabled, but you can enable Google reCAPTCHA if you want. Just go to the form edit page Security tab – CAPTCHA Settings. Check the setting “Enable reCAPTCHA”, enter your Google reCAPTCHA keys for the site. Included is a link to get new free keys. Some users have reported a recent increase of spam on their forms, if you are having this problem, I suggest enabling Google reCAPTCHA.
4.0.45 – 03 Jan 2017
- Apply similar patch to CVE 2016 10033 and CVE 2016 10045 vulnerabilities.
4.0.44 – 22 Oct 2016
- Change alternative text “CAPTCHA image” and “Refresh image” to “CAPTCHA” and “Refresh”.
- 500 Internal Server error is now fixed on the Newsletter tab
4.0.43 – 23 Jun 2016
- Fix: wp_get_current_user error after wordpress 4.5.
4.0.42 – 18 Jun 2016
- Fix: syntax error on password field.
- Added autocomplete=off to CAPTCHA field.
- Fix: removed stray ampersand on end of redirect url.
4.0.41 – 13 Feb 2016
- Fix: PHP Fatal error: Class ‘securimage_ctf’ not found.
4.0.40 – 12 Feb 2016
- Fix: Captcha did not show on some PHP7 installations
- Fix: W3C validation Error with the attachment field.
4.0.39 – 01 Jan 2016
- Fix: The sender’s location was no longer being shown in emails when you upgraded Visitor Maps and Who’s Online to version 18.104.22.168+.
- Updated vCita code for recent API changes.
- Removed advertisements.
- Updated the Swedish translation
4.0.38 – 07 Sep 2015
- Fix: There are five form settings fields where unfiltered HTML is allowed by form Administrators by design. The problem fixed was that the setting DISALLOW_UNFILTERED_HTML was not being checked before allowing HTML. This issue was reported by Sathish from Cyber Security Works Pvt Ltd.
4.0.37 – 25 May 2015
- Fixed bug: redirect url encoding.
- Fixed bug: the auto form fill feature will now automatically make the name and email form fields readonly when the feature is enabled to auto fill the logged on user’s name and email. Non-logged in users can still edit those fields to enter their own name and email. Note: administrator is ignored, always has to fill in the fields.
- Fixed bug: placeholder was not working on password field type.
- Added filter to modify autoresponder subject. This is useful for adding a ticket number.
4.0.36 – 02 May 2015
- Fixed possible xss vulnerability with add_query_arg(), remove_query_arg() and esc_url() usage.
- Improved timezone compliance with WP standards.
4.0.34 – 03 Apr 2015
- Added a new filter hook to allow modifying the $user_info array. The user info is displayed at the end of the email
- Changed the default CSS for Radio and Checkbox field inputs to comply with google webmaster tools mobile friendly test. The tap targets were too close for radio and checkbox fields on mobile devices.
- CSS changes made in an update will only change the defaults for new forms you add, not any existing ones. This is to respect any settings you might have made yourself on the forms you have now. Please adjust these settings manually on any existing forms with radio or checkbox fields.
4.0.33 – 17 Feb 2015
- Fixed fscf_init_languages priority
- Fixed a print array was left active during silent send
- Updated turkish language file