I'm interested in implementing the '[[LINK href="http://www.zirona.com/software/contact-form-encryption-wordpress/"]]Subrosa plugin[[/LINK]]' on top of the the '[[LINK href="http://www.dagondesign.com/articles/secure-form-mailer-plugin-for-wordpress/"]]Secure Form Mailer(SFM) plugin[[/LINK]]'. It apparently works with WP ContactForm and Contact Form II, but those plugins have not been updated or are not available (to my knowledge). My website is configured with the Secure Form Mailer plugin and would like to keep it that way, if possible.
I found this [[LINK href="http://blau.in/blog/720"]]tutorial[[/LINK]] which outlines the configuration of Subrosa, but it is specific to using Contact Form ][.
The Subrosa plugin page it describes that only the message portion of the contact form will be encrypted. As the message portion of the SFM plugin is comprised of various fields would all of those be encrypted?
As I am not a programmer I am not sure how complex this is to accomplish. Hopefully it just requires a little bit of code modification of the SFM plugin. If not, is someone willing to be hired to create some custom code. I think healthcare providers will find this a huge help in trying to comply with HIPAA regulations.
Note: I notice the Subrosa plugin page was just taken down since I posted this.
Oleg Butuzov answers:
hm, only one good encryption is using https for that propose... so yuo will need just replace action so its point to https of the website.
stubynyc comments:
Thank you for your quick reply. My website is already 256 bit SSL secured, but to make sure it is HIPAA compliant I believe I may need this extra level of protection.
Oleg Butuzov comments:
well you can tweak encrypt fucntion =).
add custom fields to your form .. and use it in encruption.
find in subrosa
function encrypt( msg_field ) {
this function is actually encrypt data.
here is encryption line...
var text = " \n\n"+document.getElementById( msg_field ).value+ " \n New field of form\n" + document.getElementById('id_of_the_input_you_add').value+clientip+"\r\n";
and it will work!
Oleg Butuzov comments:
var text = " \n\n"+document.getElementById( msg_field ).value+ " \n New field of form\n" + document.getElementById('id_of_the_input_you_add').value+clientip+"\r\n";
stubynyc comments:
I have sent you an email for clarification.
stubynyc comments:
This is actually becoming more complicated than I thought. Giving Oleg the prize for the time he has put into it so far (we have worked via email). Will post the solution when it all comes together.