I’m making a public form that sends information to an email account. The form is in Wordpress, so I’m using: https://wpforms.com/
I talked with a representative from WPForms, and they said the form should be as secure as the Wordpress site itself. They gave me a bunch of instructions to make my site secure, and I’ll be using SSL.
This form has private information, like insurance numbers.
Am I following the best solution for this problem? This is my first time collecting information.
Thanks! 
If your site has SSL enabled (you see a lock in the address bar) then any information you send through the form should also be encrypted. This is probably what the representative meant from WPForms. If you secure the site using SSL, then anything you do through that site (assuming you are always using urls that have https ) should also be secure.
So in short, make sure you convert your site over to SSL and standard WP secure tactics, then the form itself should also be secure since it runs through WP.
Forwarding the data by email may not have sufficient security.
I think you should also consider validating and sanitising the data.
This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.