This plugin adds a secure form in your website that uses OpenPGP encription to secure sensitive communications.
| Author: | Daniel Pereyra Costas (profile at wordpress.org) |
| WordPress version required: | 5.3 |
| WordPress version tested: | 6.4.4 |
| Plugin version: | 1.0.1 |
| Added to WordPress repository: | 14-02-2023 |
| Last updated: | 23-02-2024 |
| Rating, %: | 100 |
| Rated by: | 2 |
| Plugin URI: | |
| Total downloads: | 1 352 |
| Active installs: | 30+ |
 Click to start download |
|
This plugin allows you to insert a “secure form” into your website through a simple shortocde. It is usefull when you need to receive sensitive data of any kind, establishing a “safe channel”.
The data is sent encrypted with your PGP public key.
Usage
Just fill in some plugin options:
- The destination email (your email)
- Your PGP public key in ASCII armored version
Hint: to see your private key you can enter your computer console and run two commands, one to list and one to export (must have GnuPG):
gpg --list-keys
gpg --armor --export username@email
Remember your public key needs to be exported in ASCII armored version, this means that will be surrounded with:
-----BEGIN PGP PUBLIC KEY BLOCK-----
your-long-key-string-will-be-here
-----END PGP PUBLIC KEY BLOCK-----
Once the shortcode is placed into a page or post, it will render a form with the following fields:
- Message
- Subject
- Name
How it works
The message field will be encrypted with your PGP public key and sent as an attachment in ASCII format to the destination email you have configured.
When creating the plugin logic I have made sure that the message field is never sent to the web server, the data is previously encrypted (on the fly) using OpenPGP.js library in the user who is browsing the website.
You will only be able to decrypt the content of the attached file if you have the PGP private key belonging to the public key with which the message was encrypted.
Remember that the purpose of the plugin is only to display a form on your website and encrypt the information that is sent through the “message” field. This plugin does not take care of decrypting the attached file, this task is left to each user in the way they want.
Some usage examples
- Receive secret messages
- Receiving passwords from clients or friends
- Reception of sensitive information
Requirements
In order to use this plugin you need to have or create a PGP key pair. If you don’t have your key pair generated you can browse the internet on how to generate it.
There are many ways to generate the key, each have a different impact on security.
TIP on generating PGP key pair
One of the best ways of generating your PGP key pair is using a computer witout Internet connection and using Tails OS.
Recommended software
Support
When you cannot find the answer to your question on the FAQ section, check the support forum on WordPress.org. If you cannot locate any topics that solve to your particular issue, post a new topic for it.
Remember this support is offered for free and can take some hours/days to answer and solve your issues.
Secure Contact Form needs your support
It is hard to continue development and support for this free plugin without contributions from users like you. If you enjoy using Secure Contact Form and find it useful, please consider making a donation. Your donation will help encourage and support the plugin’s continued development and better user support.
Privacy notices
With the default configuration, this plugin, in itself, does not:
- Track users by stealth
- Write any user personal data to the database
- Send any data to external servers
- Use cookies
Translations
Actually the plugin ships in English and is translated to Spanish.
You can contribute and translate this plugin to your own language.
Screenshots
FAQ
ChangeLog