I’m looking for a solution to store user input webform data encrypted on the server.
Ideally the client gets an (unencrypted) email to be informed that there’s a new entry and can log in to Kirby and see the data automatically decrypted with his account.
I can’t find anything “out of the box” for Kirby.
Does anyone have an idea how to approach this?
Hi! I think first of all you should clarify what the purpose of this is: from what kind of attack do you want to protect the content? I think a better approach is to encrypt the whole server, because if you can encrypt and automatically decrypt your content, the key must be stored somewhere and that doesn’t sound safe.
There might be sensitive data in the webform input. If somebody gets access to the server they shouldn’t be able to read that particular data. The rest of the data stored on the server is not sensitive.
I think that warg means that if the website is autonomously able to decrypt the data, anyone with access to the server could do the same (banally he could edit whatever script does the decryption and make it accessible to anyone, or really just look at how the decryption works, read the keys, and do it himself).
But even if the server isn’t able to decrypt the data all by itself, someone with access to the server could alter the script that encrypts the data, for example making it send a clear text version to his email (just as an example) before it gets encrypted. He could alter the login script to let him know the user credentials, so that he could then log in as the user.
Once bad people have access to your server, preventing leaks gets really complicated, really fast.
Instead of encrypting data, it would make more sense to make sure that the server is always as safe as can be: Security | Kirby CMS. The weakest part is usually weak passwords.
Thank you for your input! The general server security is something we always keep track of.
But you’re right: If the server is compromised - so is presumably the encryption.
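
The case raised in the thread where the server cannot decrypt the data by itself, sketched as an added example (not code from any poster and not a Kirby API): the form handler holds only a public key and the private key stays on the client's own machine, so a copy of the stored entries is unreadable without it. The function names are hypothetical, the sample input is constructed, and, as noted above, this does not help once someone can alter the form handler to capture submissions before they are encrypted; it also means the entries cannot be decrypted automatically inside the panel.

```php
<?php
// Added example. Requires the sodium extension (bundled with PHP since 7.2).

// One-time setup on the client's own machine, never on the web server.
$keypair   = sodium_crypto_box_keypair();            // private + public key
$publicKey = sodium_crypto_box_publickey($keypair);  // only this part is deployed

// Web server side: the form handler knows the public key only.
function encryptSubmission(array $fields, string $publicKey): string
{
    $plaintext = json_encode($fields, JSON_THROW_ON_ERROR);
    // Sealed box: anyone with the public key can encrypt,
    // only the holder of the private key can decrypt.
    $sealed = sodium_crypto_box_seal($plaintext, $publicKey);
    return base64_encode($sealed); // safe to store in a text content file
}

// Client side: runs where the private key lives.
function decryptSubmission(string $stored, string $keypair): array
{
    $sealed = base64_decode($stored, true);
    if ($sealed === false) {
        throw new RuntimeException('Stored entry is not valid base64');
    }
    $plaintext = sodium_crypto_box_seal_open($sealed, $keypair);
    if ($plaintext === false) {
        throw new RuntimeException('Wrong key or tampered ciphertext');
    }
    return json_decode($plaintext, true, 512, JSON_THROW_ON_ERROR);
}

// Constructed sample submission.
$fields = ['name' => 'Sample Sender', 'message' => 'constructed sample input'];
$stored = encryptSubmission($fields, $publicKey);

// The client recovers the entry with the private key.
var_dump(decryptSubmission($stored, $keypair) === $fields);

// Someone who copied the server (public key and ciphertext) has no matching
// private key; any other keypair fails to open the sealed box.
$otherKeypair = sodium_crypto_box_keypair();
try {
    decryptSubmission($stored, $otherKeypair);
} catch (RuntimeException $e) {
    echo 'Server-side copy cannot decrypt: ', $e->getMessage(), PHP_EOL;
}
```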