McAfee Secure Scan Alert

wilhud · Post by **wilhud** » Thu Oct 21, 2010 12:19 pm

We have McAfee Secure scanning our website and they're coming up with an alert for "Unencrypted Sensitive Form Detected". The pages and forms it is alerting me on are all pages that have the search and email subscription forms. I'm just wondering, can this be marked as a false positive or should the email form be encrypted? If it should be, where would I go to do that?

Thanks,
Wil

WylieE · Post by **WylieE** » Thu Oct 21, 2010 4:24 pm

wilhud wrote:We have McAfee Secure scanning our website and they're coming up with an alert for "Unencrypted Sensitive Form Detected". The pages and forms it is alerting me on are all pages that have the search and email subscription forms. I'm just wondering, can this be marked as a false positive or should the email form be encrypted? If it should be, where would I go to do that?

Thanks,
Wil

We had a number of those as well. It is my understanding it is a bug with McAfee. I reported it as a false positive and they went away.

jmestep · Post by **jmestep** » Fri Oct 22, 2010 3:51 am

Yes, we had that also on a contact form. If McAfee won't take the warning away, you would need to put that page under SSL.

wilhud · Post by **wilhud** » Fri Oct 22, 2010 10:33 am

Hi Judy,

The forms are on a lot of pages though. Is it possible to just have the form connect using SSL only when it posts? I would have to make our entire site SSL encrypted otherwise. That seems like it would be overkill for something that doesn't even really need to be encrypted. I can see encrypting email maybe, but not user searches for a mug or a dvd or something.

AbleCommerce Shopping Cart Software

McAfee Secure Scan Alert

McAfee Secure Scan Alert

Re: McAfee Secure Scan Alert

Re: McAfee Secure Scan Alert

Re: McAfee Secure Scan Alert