The Secure Contact Form
Installation and Setup
You'd like to make your website more attractive with an encrypted contact form. Good, with your new contact form your customers can decide on their own if they want to encrypt their message before sending it to you.
You may already have examined the demo version, so you know what the secure contact form can look like for your website visitors. The demo form is only a template that you can modify to integrate the secure contact form into your own business website.
Before you go ahead and download the software, it's important that you know why you'd also have to get your website https-ready. Without https your customer's message would travel unsecured to the server and will then be encrypted to travel securely to your mailbox. For obvious reasons, if you want to provide a secure channel, that is capable of transferring confidential messages, you'd need to secure the message on its way to the server, too. Your customers expect that, and they are right.
It's not as scary as it sounds to get a server certificate and make it work. If you haven't got a certificate already, we're happy to assist you to install one on for your website. With costs close to 50 € per year https is not too expensive, and it matters, if you want to build trust. Get in touch with us, if you need a hand.
Get Your Own Secure Contact FormAll software you need to create your own secure contact form is free and open source, licensed under the GPL. We've bundled the files you need into one single tar-archive, you can download directly from the Kerry Linux download page.
Inside this package, you'll find templates for your contact form and as a first step, we guide you to use one of these before you place the form on your website to go live.
Extract the archive in a subdirectory of your choice in your webserver tree. Alternatively you may extract the files on a different computer and upload every file to your website. Please chose a name for the directory (i.e /securecontact) in which all files are stored. You have to pick another, different directory in which your key will be stored and it is important, that this other directory (i.e /home/gpg) is not located inside the webserver tree.
Now visit:https://yourserver.com/securecontact/contactform.phpWhen you load one of these templates into your browser you'll get an error message, because the directory for the keys does not yet exist.
The Config FileBefore you create a safe place for the keys, you may edit the file "gpgconfig.php", first. There are two lines you have to update, $RECIPIENT and $GPGDIR, you can leave everything else as it is for now.
$RECIPIENT = "firstname.lastname@example.org";
$GPGDIR = "/home/gpg";
Find out which user is running the webserver process (usually this is "apache" on Redhat/Fedora) and run the following commands (as root # ):
# mkdir /home/gpg
# chmod 700 /home/gpg
# chown apache /home/gpg
Now you can start hitting the encrypt button to learn that there are "no keys available" as the directory is still empty. It's important that all files in this directory have minimal access permissions as well.
If you plan to archive your messages on the server, you may create a directory "/home/gpg/messages" and restrict access permissions here, too.
Store Your Public Key
The easiest way to store your public key is to use the key management tool. Download the file kerrylinuxkeys.php and upload it (with this name) to your server where you've extracted the archived files. Before you load it into the browser you must change one line in the config file "gpgconfig.php" to enable a modification of the key database.
$KEYSREADONLY = "no";
Don't forget to set it back to "yes" after your key is stored. If you have already created a key pair, you can cut and paste the public key into the textbox you'll find in the key management menu under "add keys". You should now be able to see your public key in the key list as the only one available. Now it's time to reverse the readonly setting and maybe delete the management tool from the server.
Starting fresh without a key pair, you may select the option "Create a new key pair" to get one. To set up your contact form, this method is not recommended. It's easy to understand, why. You may need to create a key pair, but this should be done with the webmail software that has the encrypt (and decrypt) button. While setting up the webmail software a place to store your keys (both public and private) will be prepared exclusively for you and this directory will be located at an entirely different place, maybe on a different server.
So create the key pair in the web application you use to decrypt your messages (or on your local computer) and download the public key from there. In the key listing there is an arrow on the right hand side that will display the public key block to cut and paste.
Your contact form template should work now and encrypted emails should arrive at your email address by now.
AttachmentsFrom version 1.4 you can offer your website visitors to upload attachments and encrypt it with a key you define on your server. To enable this feature, add the following line to "gpgconfig.php"
$ALLOWATTACHMENTS = "yes";
There is a second configuration file "attachment/gpgconfig.php" that controls the upload script. You need to set your $GPGDIR here, too. And you need to specify the encryption key that will be used to encrypt the attachments. Note, that this key must be present in your key directory $GPGDIR.
$GPGDIR = "/home/gpg";
$ENCRYPTIONKEY = "Your Own Key ID";
$MAXUPLOADBYTES = 30000;
According to your specific requirements you may well adjust the number of bytes, but bear in mind that the absolute limit is defined in your "php.ini" file. Without this directive the maximum number of bytes is limited by 300000 bytes uploaded data per attachment.
Advanced FeaturesWhile in default mode messages are not stored on the server, they are encrypted and sent to your recipient email address. You can switch on archiving all messages with $ARCHIVE="yes" and set the default quota in megabytes. Once the directory "/home/gpg/messages" reaches eighty per cent of its quota, you will receive a warning email, alerting you to delete messages on the server.
To prevent abuse of your contact form by spam bots you can use a slider input to make sure that a real human being has entered the message in your contact form. The required margin is ten percent of the random value, so that a quick adjustment will suffice. To enable this feature uncomment $SLIDER="yes" in the config file.
Additional spam filtering based on simple content checks can be enabled with $SPAMCHECK="yes". These checks prevent messages that contain click-able links or an insufficient number of characters compared to a high number of "/" characters or http references from being sent out. The rules cannot be configured yet, so you can only switch this feature on or off. Please bear in mind that the discarded messages simply are ignored, they won't show up anywhere.
Integration Into Your WebsiteOnce you've got one of the template contact forms up and running on your server it is time to think about its integration into your website. In many cases it would be enough to cut and paste the code into one of your web pages. If you plan to use it on a small number of pages you may set the internal links to your contact pages as https by default.
WebmailOnce your secure contact form is up and running, you'd need something to decrypt the messages. Naturally, installing encryption software on your local machine is the first choice, but there is also the posibility to use encryption with webmail. With this solution you don't need to install anything locally.