Benjaminmh
Member
I am building a website for a friend who is a loan officer. He wants a solution for clients to fill out pre-qualification forms online. These forms would include personal information such as income, address, social security number etc etc.
Is this a secure enough plug-in to be the solution for his needs?
Gravity Forms has no added security features. Your forms are only going to be as secure as your hosting, MySQL and WordPress site is. I would suggest making sure you take steps to harden your WordPress install and look into security related plugins to prevent unauthorized admin access, etc. But it doesn't currently do any data encryption of the form data.
1) get SSL for your wp-login and wp-admin
2) get SSL on your page where the form is displayed and any output is rendered (e.g. confirmation page if you output the form's data)
3) reference http://www.gravityhelp.com/documentation/page/Gform_save_field_value and http://www.gravityhelp.com/documentation/page/Gform_get_input_value to store the sensitive information fields in the database with encryption
4) don't send the secure fields in the email notification. Make people login to see the form submissions. From there, they can export, screen shot, whatever humans + computers can do...
Is that what you're wanting to know how to do?
Thanks Clifford. Your steps are perfect for most situations and hopefully the people looking for help with this issue will take the time to follow them.
