Take a look through the most frequently asked questions. If you still have questions about this plugin, feel free to contact us.

General

How do I backup my encryption key?

The configuration is stored in a file at wp-content/gf_encryption_configuration.php
You should keep a copy of this file backed up somewhere. If you ever lose the key that is stored in it then there is no way to decrypt your data.

Does the plugin work with WordPress Multisite?

Yes, Gravity Forms Encryption works with WordPress Multisite. The only limitation at this time is the same encryption key is used for all sites on the multisite.

What encryption is used?

AES 256 encryption is used with the openssl PHP extension to encrypted the data. It uses a 32 byte key as the encryption passphrase.

What are the minimum requirements?

Gravity Forms Encryption requires PHP 7.2 or later with the openssl PHP extension.

How can I send a link to the entry in the notification?

Since encrypted entries are removed from the notifications, you may want to link to the entry in your notification so it can be quickly viewed without finding it in the admin. You can use the {entry_url} in your Gravity Forms notification so it look like:

{all_fields}
{entry_url}

What field types can be encrypted?

We current support these field types.
– Standard Fields
— Single Line Text
— Paragraph Text
— Dropdown
— Number
— Checkboxes
— Radio Buttons
— Hidden
– Advanced Fields
— Name
— Date
— Time
— Phone
— Address
— Website
— Email Field
— File Upload
— List
— Multi Select
If you need to encrypt another field type, please Contact Us with details on what you need.

How are files encrypted from the File Upload field?

Files are encrypted after upload and are stored in the same location an unencrypted file upload would be stored. Which defaults to a directory under wp-content/uploads/gravity_forms
The encrypted files are stored with a randomly generated string of characters to not reveal anything about what the file is.
The original filename is stored encrypted in the database along with the Entry so when downloading the file it will preserve the original name.

Is searching encrypted fields possible?

It is currently not possible to search for data in encrypted fields, your search must be limited to the unencrypted fields.

Can my encrypted data still be sent through email?

We don’t recommend this since email is not a secure channel, so there is not setting in the plugin to enable this. However, if you do need this functionality you can add the following filter to your functions.php to allow the email to include the encrypted fields. Please Contact Us and let us know if you do use this and if enough people want this feature we may add the setting.

add_filter( ‘plugins_loaded’, function() {
remove_filter( ‘gform_merge_tag_filter’, ‘gf_encryption_gform_merge_tag_filter’, 10, 4 );
});

Can I set my encryption key in wp-config.php?

Yes, you can use the constant CROSSPEAK_GRAVITYFORMS_ENCRYPTION_KEY
Such as:
define( ‘CROSSPEAK_GRAVITYFORMS_ENCRYPTION_KEY’ ‘OGYxt4/8Pzd593tKAR4bLnSK6EsC0hWzvGm6OwQeXVU=’ );

They key must be a base64 encoded version of a 32 byte key.
You can get the generated key from wp-content/gf_encryption_configuration.php

How can I set my encryption key with an environment variable?

Copy the generated key from wp-content/gf_encryption_configuration.php file and put it in your environment variable.
You can use the CROSSPEAK_GRAVITYFORMS_ENCRYPTION_KEY constant to set your encryption key.
For example, in your wp-config.php use:
define( ‘CROSSPEAK_GRAVITYFORMS_ENCRYPTION_KEY’ env( ‘GF_ENCRYPTION_KEY’ ) );