624613a0d0
- Add email header injection prevention - Implement referer checking for form submissions - Create .htaccess security rules for handlers - Add secure email configuration file - Include UTF-8 database backup - Restrict access to sensitive files 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
34 lines
940 B
PHP
34 lines
940 B
PHP
<?php
|
|
// Secure email configuration
|
|
// This file should not be accessible from the web
|
|
|
|
// Prevent direct access
|
|
if (basename($_SERVER['PHP_SELF']) === basename(__FILE__)) {
|
|
http_response_code(403);
|
|
die('Access denied');
|
|
}
|
|
|
|
// Email configuration
|
|
define('CONTACT_EMAIL', 'info@ukdataservices.co.uk');
|
|
define('FROM_EMAIL', 'noreply@ukdataservices.co.uk');
|
|
define('FROM_NAME', 'UK Data Services Contact Form');
|
|
|
|
// Security settings
|
|
define('MAX_SUBMISSIONS_PER_HOUR', 5);
|
|
define('MIN_MESSAGE_LENGTH', 10);
|
|
define('MAX_MESSAGE_LENGTH', 5000);
|
|
|
|
// Allowed domains for referer check
|
|
define('ALLOWED_DOMAINS', [
|
|
'ukdataservices.co.uk',
|
|
'www.ukdataservices.co.uk',
|
|
'localhost'
|
|
]);
|
|
|
|
// Spam keywords (add more as needed)
|
|
define('SPAM_KEYWORDS', [
|
|
'viagra', 'casino', 'lottery', 'bitcoin', 'forex',
|
|
'loan', 'debt', 'pharmacy', 'click here', 'act now',
|
|
'limited time', 'risk free', 'guarantee', 'no obligation'
|
|
]);
|
|
?>
|