697 comments found.
Hi,
Thanks for your previous response relating to access and obtaining data via the GF API.
We’ve just purchased this plug-in, we’re intending to install it onto a test site before moving it over to our live site, will there be any issues regarding licensing? it will only be active on one site at a time.
Kind regards
John
Hello Licensing should not be an issue
Users are able to view the entry and encrypted data is properly decrypted for display.
However, when you click “Print Entry” the resulting output includes “Encrypted Field Restricted” on encrypted fields. How can decrypted data be added/displayed on printed output?
Hello
Where are you selecting to print the entry?
On the meta box for “print entry” there is a “print” button. This is foudn on the page:
/wp-admin/admin.php?page=gf_entries&view=entry&id=362&lid=3115&order=ASC&filter&paged=1&pos=0&field_id&operator
The print button opens: /?gf_page=print-entry&fid=362&lid=3115¬es=1
Is the user attempting to print the entry assigned proper permissions to the data by user or role?
Yes, they are full Administrator users. They can view the entry on-screen with data showing correctly. As soon as they click the print button, the field data shows “Encrypted Field Restricted” in the print view (e.g., /?gf_page=print-entry&fid=362&lid=3115¬es=1).
We have confirmed this on two completely separate websites.
Hello
Are you using any custom code to change the standard entry printing template , or are you using a different template to print from a plugin?
The standard GF installation does not include a “Print Entry” link or button from the entries list page, so I assume a plugin or code is adding this link which is printing the entry in a different way than the normal “print” button while viewing an individual entry.
Can you try viewing an individual entry and clicking the “print” button from the print entry box? You may have to enable the box by changing the screen options for the single entry view page and selecting to enable the “print entry” box.
You can also try standard GF print actions by printing from the entries list page by selecting the entry (or entries) for print, and using the bulk actions drop down to select “print”.
There is no custom code, no templates, it’s all stock Gravity Form features. We tested on a fresh WordPress install, with a fresh Gravity Forms install, using the stock WordPress Twenty Seventeen theme.
Gravity’s own documentation shows the print button while viewing an entry: https://docs.gravityforms.com/entry-detail/
We tested both methods of printing. (1.) While viewing a single entry, using the print button as shown in the documentation link in the prior paragraph. (2.) While viewing the entries index, checking 1 or more entries, and using the bulk actions to print. Both of these print methods result in the encrypted fields showing “Encrypted Field Restricted”.
Would it be possible for PluginOwn support to try this in their testing environments to recreate the issue?
Hello
The absence of the print button /text for an entry that we referred to is on the stock GF entries list page. The stock entries list page only has printing available from the bulk actions. The single entry view page you linked to is a different page and is available in stock GF as we noted for you to try using.
Are you running other GF plugins / add-ons alongside our plugin and GF ? You should try disabling ALL other plugins except GF and Encrypted Fields to test.
On our own test environments running the latest of all WP and Gravity Forms we cannot recreate the issue. Are you able to send us login details to your test environment via our author contact form? Do NOT post them here. Click our user name and use the author form to send any private login details so we can test on any dev environment
Thanks – I’ve recreated the issue in a very simple environment. I just emailed you details via the author contact form. Thank you.
Hello
Kindly check your demo site for results now. The option “admin area only viewing” was selected by default in the settings page for the Encrypted Fields plugin, and the print preview page is not an WP administrative page ..so it was being restricted for viewing of encrypted field data. While front end viewing is allowed, all other view permissions still apply so as “admin” was now added to the user/role permission list, admins can now view the data when and where it is displayed in the front end via the GFAPI such as in in the print preview page.
Hope this helps 
Thank you! I guess we misunderstood the use of the “admin area” and how the Gravity Form print screen is not considered an admin screen. We see it working and have applied the changes to our production site. Thank you!
Hello
Glad you have it working now. The GF entry print screen is rendered outside of WP admin by GF and WP so it falls under the exclusion.
Hi, I recently purchased this am enjoying the plugin! But is there a way to also encrypt files that are uploaded? This would help a lot, thanks so much.
Our plug-in does not currently encrypt files. You can already store files encrypted with great access control by using the Google drive or Dropbox add on modules from gravity forms. Both of those systems have completely passive encryption for all storage and great access control and sharing built in.
Hi I’m considering this plugin as part of a solution for securing sensitive data that would be stored in an entry from the Gravity Forms plugin.
The project I’m working on will require us to request the entry content via the Gravity Forms V2 API. my questions here are:
1. Will we be able to (via whatever means) have specific user(s) view the decrypted entry info via the WP Admin user interface? (Reasoning for this is as part of an audit trail should there be any issues with the process as a whole, including user error/input)
2. More importantly, will the entry data returned by a GET request remain encrypted or in plain text? The latter is what I’m hoping being that the CRM we use doesn’t have the inbuilt capability of decryption and building something in it’s proprietary language would be extremely time consuming if technically possible at all.
Kind regards
John
Hello
1. Yes
2. If you are using the GFAPI web access it can require user authentication, and you should use SSL for the connection. the data is then sent encrypted in transit by means of SSL in that case but Is not explicitly additionally encrypted by our plug-in requiring decryption on the other end of the SSL connection. This is the same data encryption in transit as when the user first enters it in their browser and it is transmitted to your server over SSL. If you desired you could send the data encrypted requiring explicit decryption that you build out, but otherwise having SSL handle the implicit encryption in transit is the default and would require no additional coding on the receiving end.
Hope this helps
Thanks for the quick response, it’s very much appreciated!
1. Great, that’s very useful.
2. Excellent, I’ve already put together a REST API integration on another site for another project using basic https authentication and that does everything it needs to. On this project this will effectively be no different from the CRM setup side of things which is a relief.
Thanks again for your help, no doubt we’ll be purchasing this once I get sign off.
Kind regards
John
Hi, can check can i encrypt the fields after notification is sent out? Currently the fields is encrypted in email.
Hello
Please follow setup instructions section for sending decrypted notification emails. Using setup configuration You can use the decrypted merge tags in them. There is full instruction on this during plugin setup and video to follow.
Hope this helps
Can I cancel the module? I need to encrypt the files and the module can’t do that, so I have to find another one.
Hello Correct. You can already store files encrypted with access control by using the Google drive or Dropbox modules. Assuming you do not need to encrypt any of the data you are collecting, Refunds are requested through your envato account. The plug-in will be deactivated and no longer fully function once the refund is issued.
hello i have Version 4.4.7 and when update to php 8.1 the website broken
your plugin support this version of PHP?
Hello
You are running a very outdated plugin version. The latest version is 6.2.2 Please update your plugin Our plug-in supports the latest version of WP and php 8.1 .
Purchased a license 1/16/25. Will supply key via e-mail if needed.
URL of site was changed after installing/activating. Cannot access settings page. Message says:
“You must purchase an additional license or deregister a license from within one of the registered websites. Settings->GF Encrypted Fields->Licensing is near top of page.”
I put up a backup of the site, and can access the settings page under the original URL and am trying to deregister it, but there is no such option that I can find anywhere on the page. Please advise.
Never mind….I have e-mailed to get it de-registered.
Hello
The option to deregister the site is on the settings page up top under “LICENSING AND DEACTIVATION”
I believe we have received your email request and upon checking the purchase code for the site requested to be deactivated, it appears it is already deactivated. Were you able to locate the option and deactivate it yourself already?
<< it appears it is already deactivated. Were you able to locate the option and deactivate it yourself already?>>
No. What I did was:1. Installed the plug-in on a site with the original URL. 2. Activated it 3. Did not see any of the option buttons at the top (Setup / Video / Licensing, etc). 4. Deactivated the plugin 5. Deleted it.
That is the point where I sent you an e-mail.
About 20 minutes later, went to the new site, tried activation, and it worked. Thought that was a result of you de-registering based on my e-mail (thought wow that was fast<g>). Oddly enough, I could now see all the buttons missing in step 3 above.
Now I’ve got to work on my other problem
We started on a project five years ago and I came up with a routine to decrypt the data in an outside system. Project was side-lined and has now been resumed, and my decrypt routine no longer works. Don’t have any clue as to why. We were on an older version of the plug-in at the time, but it was after version 3.0 as I was doing an AES256 CBC decrypt. Only odd thing I remember was that there was a doubling up of a Base64 Encode being done from what seemed to be a bug. I haven’t really dug into it yet, but just on a outside chance, anything you can think of that might have changed in the past five years fundamentally? I am not using the async feature, so everything should be the same.
I intend to look at the new plugin code and add some logging so I can see what’s going on, but I thought I’d ask.
Thanks.
Hello
The decryption should be the same logic as before if it’s the same encryption. If your using the auto key and on a new site the auto key will be different though, so the only foreseeable change is that you would have to update the decryption code to reflect the new key if it has changed.
That’s what I thought, but something has changed. I’ll report back what I find.
Hello.
I am thinking about purchasing the plugin but noticed it hasn’t been updated in almost a year. Is it still being actively maintained and supported as WordPress updates happen?
Thank you.
Hello
Yes. The plug-in is supported, maintained, and tested on all new WP versions as they become available.
Hope this helps
That does help. I wanted to be sure that as WordPress updates I won’t run into a situation where the plugin stops working and no fix will be released.
Thank you!
Hi, we use your plugin on our site and it works great. But we have recently changed our domain name and the field contents can’t be read from backend. Please let me know how to proceed to fix this. Thank you.
Hello
Did you do more than change the domain name and clone /copy/ duplicate the site? Or did the domain name just change?
The information needed here is:
Is the plug-in not activated and settings page not accessible on the site because the new domain is not licensed/activated?
Or
Did the auto encryption key change due to a site migration?
We migrated the site to a temporary URL to do some changes. Then we moved the site back to original and changed URL.
Example: Original URL: aaa.com Dev temporary URL staging.aaa.com Final URL: bbb.com
So Is the plug-in not activated and settings page not accessible on the site because the new domain is not licensed/activated?
Or
Can you access the settings page and Did the auto encryption key change due to a site migration?
Plugin is active. Theproblem is I cant read fields, I see «Encrypted Field Restricted»
Ok. Then we would look at the second question.
Did the auto encryption key change due to the site migration? Check your encryption pass in the settings page and change it to the one the data was encrypted under that you copied and secure stored on plugin setup.
This auto key pass change would happen if you copied over and overwrote your core WP files on duplication or migrated to a new WP installation and it’s not actually the same original WP install the plugin was setup on.
If this resolves your issue and you are using a manual key, You can and should look to manually decrypt your data under the manual key and then re-encrypt it with the new auto key. Manual keys exist to help this changeover between sites but are not recommended to be used continually as each plugin update can be a pain to remember to enter the manual key again and eventually will be forgotten and cause issues with the data going forward under the auto key and older data under the manual key. ..it is all resolvable by this same manual decrypt and re-encrypt process but it is best to do it start and not worry because you are using the auto key again for all data
I bought a new license. Should I put my new license key?
You may use any available license you have for the plugin, but this will have no affect on your previous concern.
Can this plugin be used on a staging environment and then be used on a live site with the same license.
Wow that was fast!!
Yes
Hello, I have just downloaded a second version of your Gravity Form Encrypted Fileds plugin. I’m very happy with what you have to offer. However, for this second lience I need to encrypt some files. And I thought it was going to be good with your plugin. but I couldn’t figure out how to do it… Am I missing something or is the function not available? thanks for your answer Ludo
Hello File uploads are not a supported field type for encryption. This is because add-ons like Dropbox and google drive already exist to securely transfer your uploaded files to which are both encrypted and secure authentication access file storage solutions. The add ons can also delete your local server copy of uploaded files.
Thank you for your reply. I think that a refund is not possible since I have already downloaded the plug-in?
You can request a refund through your envato account. The plug-in will become inactive after the license is refunded
Thank you very much
Hi there,
I have a few questions. Thank you for your help.
1. What encryption standards does the plugin use for data at rest and in transit (e.g., AES-256, TLS/HTTPS), and are they compliant with CIPA and FERPA?
2. How are encryption keys managed and secured? Are they stored in a hardware security module (HSM), and who has access to them?
3. Does the plugin offer end-to-end encryption, ensuring that no third parties can access unencrypted data during storage or transfer?
Thanks a lot!
Hello
Our plug-in handles the Encryption of data at rest. AES-256 in various modes. this should meet or exceed any encryption requirements for any application.
In-transit protocols are not handled by our plug-in as they are web server and/or smtp related and handled and of course we recommend using https for web, TLS (for server connections) and authentication for API and other requests in your data connections.
Encryption keys are either split and scrambled (meaning they are not even directly useable) and then secured across your separate server hardware and are only accessible according to your web servers security and security protocols in place (this equals the same security as your actual site as a whole. Whether keys and data are processed remote or on dedicated hardware doesn’t matter if people can simply enter a few lines of code to send the the data when it’s done or just send it to them on entry before it’s encrypted etc., so this is true of any web server based application), or stored wherever you want if you are using asynchronous mode. There is NO local storage of readable/useable keys in asynch mode and the encrypted private key’s non hard stored additional authentication key must be entered by a logged in authenticated user for every data access session.
As mentioned above, Our plug-in includes an asynchronous Encryption mode which means you have to authenticate and log in, and then authenticate again with a non stored key to be able to access the encrypted data. – but since we only handle encryption at rest , when you transmit, you can use the authenticated gfapi over https, or you can use secure transfer protocols to your destination (which are encrypted implicitly such as https) , AND of course you can additionally retain the explicit encryption of the data from our plug-in to decrypt (using your own simple matching decryption functionality ) on the other end, . You can also opt for things like PGP or your email services/servers explicit encryption options to password protect the encrypted mail contents, or use explicit pdf encryption or any other option based on your format of data being sent or how it is being packaged.
Most users just set up and use it transparently to access the data casually, but you can of course set up much more complex security if you would like according to whatever policy you need to meet, it just goes beyond the reach of our plugin to configure your servers web security and physical access protocols, and manage the myriad of possible data transmission options.
Responding to your reply.
For some reason it is not letting me reply to your comment.
1. Can you provide me with the link to the add-ons like Dropbox and Google Drive?
2. The Gravity Form Sends to Open AI to get a response then goes into my paragraph field. Should I encrypt that field after the submission is processed in this case?
3. Any other recommendations based on this setup? / Do you think I should encrypt all the fields or only some?
You should encrypt after the submission (feeds and add ons) are processed if the field is populated during feed and add on processing.
They are direct gravity forms ads ons . Viewable and installable from the add-ons available in you gravity forms installation.
You should encrypt fields that have sensitive (personal/private) data that needs to be protected. Generally speaking, most answers to an essay are not likely to be included in this category unless they contain personal or private data within them. That said I assume the answers are open and context could allow anyone to write what they wish, so I would leave that in your hands to decide what requires encryption vs what does not etc. Pending your WP install administrative needs you can alternatively just hide their view-ability in admin and give access permissions as desired to prevent others from viewing by using the hide field value option instead of actual encryption.
Hi there, I am trying to encrypt my Gravity Form which is an essay grader with a File Upload field that can take multiple files. In the advanced tab I do not see an encryption option? Am I doing something wrong.
How can I encrypt a file upload field?
Note – Once a essay is uploaded the output/grade is placed in a Paragraph Field.
Should I encrypt that field after the submission is processed?
What do you recommend I do with this setup. Thanks.
Hello You are not doing anything wrong. File uploads are not a supported field type for encryption. This is because add-ons like Dropbox and google drive already exist to securely transfer your uploaded files to which are both encrypted and secure authentication access file storage solutions. The add ons can also delete your local server copy of uploaded files.
When is your output grade actually populated? Is this something someone enters manually by editing the entry after submission? You can just set the field to encrypt normally if this is the case. Any edits to encrypted fields are encrypted on updating of the entry.
can this encrypt data already in the table?
Hello
It can only decrypt data encrypted by this plugin under the same encryption type and keys. Without customizing it to do so, It cannot decrypt data encrypted by other plugins or code in general.
Hi there – we use your plugin on our website, but our current website agency wasn’t keeping it up to date as we expected them to because “the old agency must have bought it”. So, now we need to get our website agency what they need to update it. We will happily purchase it again if that’s what we need to do. The website is bluepearlvet.com. Can you please advise what is needed? Thanks so much!
Hello
The plug-in to date has included lifetime updates available through the envato account which purchased it. If you can get the purchase of it from them you could update per your agreement with them, but otherwise you could purchase a new license and download updates as needed with your new license.
Hello there,
We’re happy with the plugin throughout the years. It works well.
Recently, we’ve started mapping fields with the HubSpot Wordpress Plugin so that certain form data is submitted through to our HubSpot CRM. I’m seeing that the Gravity Form encryption of the name field displays as encrypted in HubSpot. What are our options? Thanks for your help! j
Hello
Turn on the “encrypt after submission is processed” option for the specific fields that need to be processed by feeds and add ons such as hub spot prior to being encrypted.
Thanks, great tip.
Thinking of using this plugin with Gravity Forms and just need to know if it will encrypt pdfs as well.
Hello
It does not encrypt PDF files because there is no need for that. Gravity pdf already has built in password protected encryption options for the created files.
Hope this helps
That’s perfect. Thanks for the quick response!
Hi,
I am wondering I can get a refund for my purchase? I found a solution that does not require the plugin. Your plugin is good and does what it says but I just don’t need it as I thought I would. Sorry for the trouble.
Thanks, Jamie
Hello
No trouble!
You may request a refund at any time through your Envato account under your purchases. Refunds are not issued by author support contact. Once a refund has been issued the plug-in will become deactivated and will no longer function to view your encrypted data , so be sure to decrypt any data you want to have viewable past deactivation.
