Is it possible for a web form to be hacked?

On my website, there is a web form that users fill out and the data collected gets e-mailed to me. Is it possible for someone to hack the data and get 开发者_JS百科the users' information? Also, my site does not use a secure connection.

It depends on whether the data is logged, or flushed after being emailed.

If it is logged, then theoretically yes, a malicious user could compromise the server and access the logs.

If it isn't, there's still the possibility of your email being compromised, but at some point a line has to be drawn.

It would probably be helpful to see a specific example, or at least a little more details about exactly how this form operates.

If someone uses your site from say an internet cafe then there could be a man-in-the-middle attack where all requests go through some program sitting on the cafes server.

i think if you are worried then you should probably secure at least that page.

If you are not using SSL then its possible for someone to sniff the traffic to your server and collect all the user information thats being posted from their browser. Using an SSL cert and forcing HTTPS will make it much harder (nearly impossible) to catch the traffic on the netwrok.