Encrypting data sent via Express Forms
Permalink 1 user found helpful
I've been reading this guide on how to encrypt and decrypt text:
https://documentation.concrete5.org/developers/security/encryption-s...
I want to make use of this with all block types that accept user input.
Mainly:
- Form block (express_form)
- Survey block
- Conversation block
- Legacy Form block (form)
I've started by looking at encrypting the data sent to the database from the form block in 8.3.2 (express_form). However, I'm unsure where to put the code seen in the link above in order to make that happen.
The dashboard interface for Express implies that the data is already encrypted in the database, but I can see the form submissions in one of the tables, appearing as they were entered.
https://documentation.concrete5.org/developers/security/encryption-s...
I want to make use of this with all block types that accept user input.
Mainly:
- Form block (express_form)
- Survey block
- Conversation block
- Legacy Form block (form)
I've started by looking at encrypting the data sent to the database from the form block in 8.3.2 (express_form). However, I'm unsure where to put the code seen in the link above in order to make that happen.
The dashboard interface for Express implies that the data is already encrypted in the database, but I can see the form submissions in one of the tables, appearing as they were entered.
Hi,
Yeah, it's for GDPR compliance.
The fact that Express data isn't encrypted is why I'm asking this question.
Yeah, it's for GDPR compliance.
The fact that Express data isn't encrypted is why I'm asking this question.
Have you looked at doing this at server level?
By configuring the server for an encrypted file system, all data is then encrypted, irrespective of database tables, files or cms code. That way, there are no knock on issues for the cms code.
By configuring the server for an encrypted file system, all data is then encrypted, irrespective of database tables, files or cms code. That way, there are no knock on issues for the cms code.
Is this related to GDPR compliance?
I don't think Express data is encrypted in the database.