mirror of
https://git.hexahost.dev/smueller/HexaHost-Frontend.git
synced 2026-06-02 06:58:43 +00:00
Enhance security and configuration of contact form: Added Content Security Policy and Strict-Transport-Security headers in .htaccess for improved security. Updated error handling to use a single 404.php for various error codes. Removed deprecated config.php and composer.json files, and implemented IP address detection for better security. Added honeypot field for bot protection in contact form and improved session security settings in functions.php.
This commit is contained in:
TheOnlyMace
@@ -97,6 +97,10 @@ includeHeader($page_title, $page_description, $current_page, $additional_scripts
|
||||
</div>
|
||||
<form class="contact-form glass-card" id="contactForm" action="contact-handler.php" method="POST">
|
||||
<input type="hidden" name="csrf_token" value="<?php echo generateCSRFToken(); ?>">
|
||||
<!-- Honeypot-Feld für Bot-Schutz (versteckt via CSS) -->
|
||||
<div style="position: absolute; left: -9999px;" aria-hidden="true">
|
||||
<input type="text" name="website" tabindex="-1" autocomplete="off">
|
||||
</div>
|
||||
<div class="form-row">
|
||||
<div class="form-group">
|
||||
<label for="firstName">Vorname *</label>
|
||||
@@ -143,7 +147,7 @@ includeHeader($page_title, $page_description, $current_page, $additional_scripts
|
||||
<div class="form-group checkbox-group">
|
||||
<label class="checkbox-label">
|
||||
<input type="checkbox" id="privacy" name="privacy" required>
|
||||
Ich habe die <a href="#" target="_blank">Datenschutzerklärung</a> gelesen und stimme der Verarbeitung meiner Daten zu. *
|
||||
Ich habe die <a href="datenschutz.php" target="_blank">Datenschutzerklärung</a> gelesen und stimme der Verarbeitung meiner Daten zu. *
|
||||
</label>
|
||||
</div>
|
||||
<div class="form-actions">
|
||||
|
||||
Reference in New Issue
Block a user