HTML form rendering with weird hidden input fields | ww.wp.xz.cn

Resolved stevecarrus
(@stevecarrus)

5 years, 2 months ago

I have a new ecommerce site, which uses lead forms to collect customer info. On our live production site, there are hidden input fields with encrypted looking name and value attributes. Here is an example:

<input type=”hidden” name=”fxOAgTXmrd_k” value=”MHVgCPf2J”>
<input type=”hidden” name=”jEvdKncJwDa” value=”UFQPsvy5bx60OL”>
<input type=”hidden” name=”lcZhEMQDb-” value=”nNrvImtYAwde]L”>

These hidden fields are not in the actual page templates, so I don’t know where they’re coming from. I posted this question on Stack Overflow, and someone noted that they look like CSRF tokens. I haven’t done anything to set up CSRF tokens, and don’t know much about them.

I did discover that we have the WP Cerber plugin activated on the site. Does WP Cerber automatically add tokens like this to html forms?

If not, is it possible the presence of these hidden fields indicates some sort of hacking attempt?

Viewing 2 replies - 1 through 2 (of 2 total)

Plugin Author gioni
(@gioni)

5 years, 1 month ago

No worries, there is no hacking attempt. Those tokens are generated by WP Cerber. They are used by the anti-spam engine.

Thread Starter stevecarrus
(@stevecarrus)

5 years, 1 month ago

Ah, very good. Thanks!

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘HTML form rendering with weird hidden input fields’ is closed to new replies.

2 replies
2 participants
Last reply from: stevecarrus
Last activity: 5 years, 1 month ago
Status: resolved