| Re: My contact form is not emailed to me [message #173637 is a reply to message #173633] |
Thu, 21 April 2011 17:42   |
P E Schoen
Messages: 86
Registered: January 2011
Karma:
|
Member |
|
|
"crankypuss" wrote in message
news:p810r6d6kaa5b6mhqo98f8d53qgno7neh9(at)4ax(dot)com...
> "P E Schoen" <paul(at)pstech-inc(dot)com> wrote:
>> I still don't think anyone would be that much
>> interested in hacking this site.
> There are people out there who will swerve to run over a cat just
> because they can, why spend any more time in the middle of the
> road than you have to?
I agree, but most of this thread became an argument with Jerry based on his
false assumptions, and now he agrees that the site does not have the
vulnerability he asserted. This is a special purpose script, functioning
only to allow a few people to add content to a database, and the email is
only a notification to me that someone has done so. As such, the subject
line consists only of hard coded text and a fully authenticated name. Jerry
may say that it is user-unfriendly, but not for the purpose intended.
Certainly I have a lot to learn about security and hacking, but given the
knowledge of what kinds of attacks are possible, I still believe my site to
be just about as secure as is reasonable. If the data were sensitive, or if
hacking could allow someone to use it as a spam portal, then I would
certainly use more elaborate means to assure security.
Along with the general purpose free PHP script for a secure form mailer
http://www.dagondesign.com/articles/secure-php-form-mailer-script/, I also
found this form mail script which uses encryption and has a seven year
history of security, for $99. http://www.tectite.com/formmailpage.php
There is also the issue of what is "reasonable" security. If I wanted to
feel totally safe, I could lock myself in my house, and when I went out I
could wear full body armor, lead shielding, and a gas mask, or I could hire
a bodyguard. But unless the environment were far more dangerous than it is,
taking all these precautions would be overkill and diminish my ability to
enjoy life. The internet is a dangerous place, but for the most part there
are safe and inexpensive ways to protect against threats without extreme
limitation of its use and enjoyment.
I have learned a lot from this discussion, and I appreciate the helpful
responses.
Paul
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]