[Resolved] Privacy tips or good security practices

This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.

Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.

This topic contains 1 reply, has 2 voices.

Last updated by Nigel 5 months ago.

#2702905

Hello, I'm working on a custom post type that has a specially private custom field (it's a legal document). This custom field will never be public, but it is very important to receive and save.

I'm looking for ways to make this document as private as possible. I was thinking about making the form a generic field, so that it is not associated with the post. But it's messy and I'm not sure if I gain much security (by default, wordpress creates a new post for the attachment)

In the documentation I could find the comment that it is good to use the following in custom code:

toolset_snippet_security_check() or die( 'Direct access is not allowed' );

And well, it also makes a lot of sense to place the custom code in the Toolset plugin itself.

In addition to this, can I take any additional measures for privacy? Maybe Toolset Access could block access to a specific custom field, that would be quite useful. Is there a simple way to protect that custom field?

I am open to any advice, recommendations or good practices.

Thanks, greetings

#2703088

Nigel
Supporter

Languages: English (English ) Spanish (Español )

Timezone: Europe/London (GMT+00:00)

Hi there

The security of custom fields depends on the context of who has access to your site and can edit posts that the field belongs to.

You said "that it is not associated with the post", but I don't think this makes sense: if the field doesn't belong to a post, how do you ever expect to be able to do anything useful with it?

If you create a regular custom field attached to some post, it would only ever be accessible from the front end of your site if your theme or custom templates you create with Toolset (or something else) output the field on the page.

If you don't do that, then your concerns would be limited to the back end (unless someone hacks your database).

Imagine you are the only user of your site who has access to the back end.

No-one else can access the field.

But if you have users with roles who have some kind of editing capability and can edit the posts in question, they could enable visibility of custom fields and see the field in question. Or anyone who had permission to install plugins could install a plugin to interact directly with the database and see the field values.

One thing you could do if submitting content from the front end is to, yes, include a generic field in your form, and for the field key use a key with an underscore (e.g. "_secret-field") and save the field with this key to postmeta.

WordPress treats such fields as hidden system fields, so even if someone enabled custom fields in the back-end post editor, they shouldn't see those fields in the editor (but you should double-check that yourself).

If you need some more specific information (e.g. about saving generic fields) or have some other specific example, please ask.

(Note that the toolset_snippet_security_check() function you referred to is only relevant when adding code snippets at Toolset > Settings > Custom Code to stop the PHP code from being accessed directly.)
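The underscore-prefixed generic field approach described in this reply, as an added example that is not code from the thread or from Toolset. It assumes a Toolset form with ID 123 carrying a plain text generic field named "legal-document", and stores it under the assumed meta key "_legal_document"; it does nothing against the database or plugin-install access the reply warns about.

```php
<?php
// Added example (not from the thread or from Toolset).
// Assumed names: form ID 123, generic field "legal-document",
// meta key "_legal_document" (leading underscore = hidden from the
// Custom Fields box, see is_protected_meta()).

// Toolset Forms fires cred_save_data after the post is created/updated.
add_action( 'cred_save_data', 'example_save_private_legal_field', 10, 2 );
function example_save_private_legal_field( $post_id, $form_data ) {
    // Only handle the one form that carries the private field.
    if ( (int) $form_data['id'] !== 123 ) {
        return;
    }
    // Generic fields are not stored by Toolset; read the raw submission.
    if ( ! isset( $_POST['legal-document'] ) ) {
        return;
    }
    $value = sanitize_textarea_field( wp_unslash( $_POST['legal-document'] ) );
    if ( '' === $value ) {
        return;
    }
    update_post_meta( $post_id, '_legal_document', $value );
}

// WordPress already treats keys starting with "_" as protected. Making it
// explicit for this key means a later rename without the underscore would
// still keep the field out of the Custom Fields box and out of the REST
// API's default meta exposure.
add_filter( 'is_protected_meta', 'example_protect_legal_meta', 10, 3 );
function example_protect_legal_meta( $protected, $meta_key, $meta_type ) {
    if ( 'post' === $meta_type && '_legal_document' === $meta_key ) {
        return true;
    }
    return $protected;
}
```

To confirm the hiding behaviour the reply asks you to double-check, call `is_protected_meta( '_legal_document', 'post' )` from a snippet; it should return true, and the key should not appear in the post editor's Custom Fields box.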

#2703140

Thank you very much for the information.

Not associating the field with the post in my case could add extra security (for example, simply adding something to the form to send me by email), but that can be very messy and would hardly add any security. I am the only person with access to the backend.

In the tests I have carried out, I would not be losing functionality by adding "_" to the custom field. I will do more tests before implementing it on the real website, but it is very interesting. Thank you very much.

Everything seems fine, thank you very much =)