简体繁体 English

如何加密通过Wordpress中的联系表单7上载的文件并在通过TLS发送电子邮件之前将其解密

[英]How Can I Encrypt a File Uploaded via Contact Form 7 in Wordpress and Decrypt it Before Sending it By Email Over TLS

原文 2016-03-18 13:39:13 1 1 wordpress/ encryption/ attachment

I am developing a WordPress web site for a health care organisation where data from users of the website must be treated very securely. 我正在为医疗保健组织开发一个WordPress网站，其中必须非常安全地处理来自网站用户的数据。 Users of the website can use a contact form to send information to the organisation. 该网站的用户可以使用联系表单向组织发送信息。 The form is built using Contact Form 7. The web site uses HTTPS with a valid certificate. 表单使用Contact Form 7构建。该网站使用HTTPS和有效证书。 So data is transferred from the form on the browser to the web server where it is immediately sent via email over TLS to the organisation's mail server which is configured for TLS. 因此，数据从浏览器上的表单传输到Web服务器，然后通过TLS电子邮件立即将数据发送到为TLS配置的组织的邮件服务器。 No data from the form is stored on the server either in file or in a database. 表单中的数据不会存储在文件或数据库中的服务器上。 The data in only ever in unencrypted form (in memory) for as long as the HTTPS request / response cycle. 只要HTTPS请求/响应周期，数据只能以未加密的形式（在内存中）。

However, the organisation now wants to let users upload a file along with the contact form data. 但是，组织现在希望让用户上传文件以及联系表单数据。 Contact Form 7 supports file upload. 联系表7支持文件上传。 The connection is still HTTPS so the file will be encrypted on the way up to the web server. 连接仍然是HTTPS，因此文件将在到达Web服务器的路上进行加密。 The file will be stored temporarily on the web server before being attached to the email that is sent over TLS to the mail server. 在将文件附加到通过TLS发送到邮件服务器的电子邮件之前，该文件将临时存储在Web服务器上。 The file will be deleted once the email has been sent. 电子邮件发送后，该文件将被删除。

So there is now a chink in the armour. 所以现在盔甲上有一个缝隙。 That chink is the file that is stored "temporarily" on the server. chink是“临时”存储在服务器上的文件。 Using the default upload option, the file will be stored in unencrypted format. 使用默认上载选项，文件将以未加密的格式存储。 This means that the data exists outside of process memory in a decrypted format for a period of time. 这意味着数据以解密格式存在于进程内存之外一段时间。 Furthermore, although the intention is that the file is only kept in decrypted format for a short period of time, this may not always be the case. 此外，尽管意图是文件仅在短时间内以解密格式保存，但情况并非总是如此。 For example, the file deletion may fail or may not even happen due to some prior error. 例如，由于某些先前错误，文件删除可能会失败或甚至可能不会发生。

So my question is whether it is possible to ensure that the uploaded file is only ever stored in encrypted form on the web server AND additionally is decrypted in memory before sending via email. 所以我的问题是，是否有可能确保上传的文件只以加密的形式存储在Web服务器上，并且在通过电子邮件发送之前还要在内存中解密。

I can't find a way of doing this with Contact Form 7. Also I haven't been able to find another plugin that does this. 我找不到使用Contact Form 7执行此操作的方法。此外，我无法找到执行此操作的其他插件。

Any ideas or suggestions? 任何想法或建议？

Thanks. 谢谢。

1 个解决方案

First of all, plugin recommendation requests are off-topic on SO. 首先，插件推荐请求在SO上是不合时宜的。

Secondly, and most importantly, what you are trying to do with the contact form, the personal data involved and encryption has huge legal liabilities when you do things wrong. 其次，也是最重要的是，当您做错事时，您要使用联系表进行的操作，所涉及的个人数据和加密具有巨大的法律责任。

You need to know know - and possibly your employer needs to know, too, being a health organization - that you're dealing with federal law, specifically HIPAA. 您需要知道-您的雇主也可能需要知道作为一个卫生组织-您正在处理联邦法律，特别是HIPAA。 Read http://www.hhs.gov/hipaa/ 阅读http://www.hhs.gov/hipaa/

Tell your employer to hire a professional with experience in HIPAA compliant servers and data storage principles. 告诉您的雇主聘请在HIPAA兼容服务器和数据存储原理方面经验丰富的专业人员。