
View Full Version : Most secure way to have site info sent to me


Twizted
9-6-02, 09:40 PM
If anybody knows, can you please tell me the safest and most secure way to have information sent to my email address from a form on my web-site? I have a secure server (https) and I know how to make FormMail scripts, but I am told this is not very secure because it uses mail servers. Please email me or send me a message soon.

muijefr
9-7-02, 12:00 PM
I have a secure server (https)

Is this the same as SSL to you? If not, I suggest using SSL. I believe PowWeb's SSL offers 128 bit encryption, but its effectiveness also depends on the using/sending browser. SSL is an additional option/cost but very reasonable.

Twizted
9-7-02, 01:15 PM
Yes, I have SSL with Powweb, but I am not sure if it is secure to use it to send feedback from a form to my email address. Let me know if you have any other info. I want to make sure I protect my users so when they change their password it is sent to my email.

muijefr
9-7-02, 04:29 PM
If your form email uses something like this

action="https://ssssssss.powweb.com:nnnn/cgi-bin/FormMail.pl" +
name="redirect" value="https://ssssssss.powweb.com:nnnn/formreturn.html">

where ssssssss is the name of your server and nnnn is a secure line, I assume, then you're in the SSL park.

If not, I'd start asking questions in the Email Issues and/or CGI Scripts section of the forum.

Twizted
9-7-02, 10:49 PM
I am wondering if the regular FormMail scripts will work by placing them on the SSL and having them sent to my email address. I am looking for an easy way for my users to change their passwords on my site. You should have seen what happened today. I was browsing in the cgi and somehow locked the site. Nobody could view it or anything, but I figured it out. THANK GOD!

rainbore
9-8-02, 07:26 PM
Hi Twizted,

Yes, your regular FormMail forms will work when they're accessed via Powweb's SSL.

SSL access encrypts the communication between the user and the server. Most of the time we're concerned with keeping the information sent by the user secure. In this situation, by accessing the page holding the FormMail form, the user's entries are protected to the point where he presses the "Submit" button and the information reaches the server. Since FormMail will be re-transmitting this sensitive information via EMail, it's a good idea to be sure to set the form to send the information to an EMail account from your website to minimize the (fairly remote) chances of interception.

Good luck!

Richard L. Trethewey
www.rainbo.net

Twizted
9-9-02, 01:30 AM
I always have been told that info is not secure unless you send the information from a website to a secure recipient or file located on a secure server. I just don't want my user names and passwords getting out. In the past I have actually seen somebody intercept email from forms. I am not sure if it came from a secure server or not, but it was terrifying, although he was only showing me to teach me and he is a good friend of mine. It still bothers me that certain people can do this. I am certified in a lot of things, but perl, cgi, java, htm I am not.

I am wanting to make a form secure so the users of my site can change their password and have it sent to my email, or either change their email password automatically.

rainbore
9-9-02, 10:06 AM
Making your users access the web page that holds the form they need to use via SSL will protect the data the user enters as it travels from their computer to Powweb's computer. In your case, this data will get passed to the program FormMail.pl, which gobbles up the data and then sends it to you (actually, the designated "recipient" EMail address) via EMail. That is the least secure point of your situation since the communication link between FormMail.pl and the destination EMail account is not "secure" or encrypted. I suggested that you only use an EMail address associated with your Powweb website to minimize this vulnerability because it would mean that the information would only be travelling between (among?) Powweb's systems. If you choose an EMail address on a different host as the "recipient", the information would then be travelling out over the Internet at large where it would be more easily intercepted. As long as you are dependent on the FormMail program to capture and send the information, this is probably as secure as you get and reasonably safe from all but the most determined and skillful hackers.

If you want to increase the level of security, you might want to drop by the CGI Scripts/Perl forum here on Powweb and ask for suggestions about scripts that would gobble up a form's content and store it in a data file that you could access via FTP, rather than relying on EMail as you must do with FormMail.pl. There are bound to be several such scripts out there.

Good luck!

Richard L. Trethewey
www.rainbo.net
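
The store-in-a-data-file approach suggested in the last post, as an added example that is not part of the original thread and is not a Powweb or FormMail script. The file path and the form field names are assumptions, and the example goes one step further than the post by keeping only a salted hash of the submitted password in the file.

```python
import fcntl
import hashlib
import json
import os
import time
from urllib.parse import parse_qs

# Assumption: a path outside the web root that only the site owner can read.
DATA_FILE = "/home/example/private/submissions.jsonl"
TEXT_FIELDS = ("username", "email")   # hypothetical form field names
SECRET_FIELD = "new_password"         # hypothetical form field name
MAX_LEN = 256


def build_record(body, salt=None, now=None):
    """Turn a urlencoded POST body into a record that is safe to store."""
    form = parse_qs(body, keep_blank_values=True, max_num_fields=10)
    record = {"received": int(time.time() if now is None else now)}
    for name in TEXT_FIELDS:
        # Keep only expected fields, first value only, bounded length.
        record[name] = form.get(name, [""])[0][:MAX_LEN]
    secret = form.get(SECRET_FIELD, [""])[0]
    if not record["username"] or not secret:
        raise ValueError("username and new_password are required")
    # Store a salted PBKDF2 hash so the file never holds the password itself.
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 200_000)
    record["salt"] = salt.hex()
    record["pbkdf2_sha256"] = digest.hex()
    return record


def store_record(record, path=DATA_FILE):
    """Append one JSON line to an owner-only file, under an exclusive lock."""
    line = json.dumps(record, sort_keys=True) + "\n"  # JSON escapes CR/LF
    fd = os.open(path, os.O_WRONLY | os.O_APPEND | os.O_CREAT, 0o600)
    try:
        fcntl.flock(fd, fcntl.LOCK_EX)
        os.write(fd, line.encode("utf-8"))
    finally:
        os.close(fd)  # closing the descriptor releases the lock
    return line
```

A CGI wrapper would read the POST body from standard input, call `build_record` and then `store_record`, and return a fixed confirmation page without echoing any submitted value.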