WordPress Forms Usage

Disclaimer

Website Translation Disclaimer

THIS SERVICE MAY CONTAIN TRANSLATIONS POWERED BY GOOGLE. GOOGLE DISCLAIMS ALL WARRANTIES RELATED TO THE TRANSLATIONS, EXPRESS OR IMPLIED, INCLUDING ANY WARRANTIES OF ACCURACY, RELIABILITY, AND ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.

The website has been translated for your convenience using translation software powered by Google Translate. Reasonable efforts have been made to provide an accurate translation, however, no automated translation is perfect nor is it intended to replace human translators. Translations are provided as a service to users of the website, and are provided “as is.” No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, or correctness of any translations made from English into any other language. Some content (such as images, videos, Flash, etc.) may not be accurately translated due to the limitations of the translation software.

The official text is the English version of the website. Any discrepancies or differences created in the translation are not binding and have no legal effect for compliance or enforcement purposes. If any questions arise related to the accuracy of the information contained in the translated website, please refer to the English version of the website which is the official version.

WordPress Forms Usage

Posted on May 2, 2023 in Security

Website administrators using form tools made available via WordPress or by WordPress plugins, such as Gravity Forms, should understand the potential security risks associated with them before using them to collect information on public facing websites. WordPress form tools are not as secure as other methods of collecting data, and poorly configured web forms may provide bad actors additional attack vectors. Here are a few tips and best practices for using forms in WordPress:

Understand your audience and anticipated volume of response. Using a WordPress form is a good option for general contact forms or forms that expect low to moderate responses. WordPress forms on state-hosted websites leverage the compute and processing power of the underlying web infrastructure. Sudden surges in traffic could potentially affect the web server hosting your website and lead to performance degradation and/or availability issues for your website. For high volume responses (over thousands of responses), consider offloading your web form onto a cloud service such as Microsoft Forms or Google Forms. Those cloud services are built to withstand larger amounts of traffic.
Prevent SPAM by implementing a CAPTCHA challenge. CAPTCHA fields are available and pre-configured within Gravity Forms, and can differentiate between real users and automated users, such as bots. The use of a CAPTCHA fields can help prevent or thwart unwanted form submissions.
Enable form field validation where possible. It is good practice to configure field level validation so that you can dictate the type of data being entered into your form, as well as ensure data integrity of the data you are collecting. For example, if you must include a file upload field on your form, it is good practice to limit the file size and restrict the file type of files submitters are allowed to upload.

Aside from what you can do to help protect your website and web forms, ETS implements several host-level protections such as a website firewall, a content delivery network, cache tools, secured and zero-trust login methods, intrusion protection and anti-malware monitoring to ensure availability and further protect your website and its data.

Website Translation Disclaimer

WordPress Wiki

WordPress Forms Usage

Post Categories

About us

Policies