Secured campaign assets
In addition to using asset permissions, Oracle Eloqua provides features that can help secure your campaign assets including forms, field merges, and microsites.
Forms
Web forms are a primary way for your organization to gather information about customers or prospects. Oracle Eloqua offers the following features to help keep your forms secure:
- Enforcing limits on the amount of data that can be submitted in a field.
- Restricting the type of data that can be submitted.
- Providing measures to prevent the submitting URLs in a form submission.
- Providing measures to prevent sending multiple auto-responder emails to the same contact for the same form.
- Using allowlists to identify domains that can be used to host external forms.
- Using allowlists to identify domains that can be redirected to when after a form is submitted.
Secure your forms from malicious behavior by taking advantage of the following features:
- When allowing customers to fill out a text field, consider what you are expecting customers to submit and limit the amount of data that can be submitted based on that. By default, Oracle Eloqua restricts text fields to 35 characters. Restricting the number of characters that can be entered can help prevent malicious behavior where an intruder might try to submit a large amount of data through your form.
- When using text fields, you should also take precautions to prevent users from submitting URLs. Oracle Eloqua allows you to prevent URLs from being submitted which can help prevent malicious attacks.
Learn more about forms.
Field merges
Field merges can help you personalize emails, forms, and landing pages using information available from contact records, events, or custom objects.
Oracle Eloqua provides features that you can use to help keep field merges secure:
- Removing any URLs while still inserting the remaining data. You can override this security feature as part of the field merge settings.
- Preventing field merges from being used as of a URL path. You can use field merges as part of a query string.
Learn more about using field merges.
Microsites
Microsites are discrete websites hosted within your existing website. A microsite can consist of one or more landing pages. Typically, microsites are dedicated to a specific campaign, product, or keyword. Oracle Eloqua supports securing connections to microsites using HTTPS. Secure microsites use Secure Sockets Layer (SSL) to encrypt the data that is passed between a visitor's browser and the web server. SSL encrypts the data so it cannot be intercepted by a third party, making it ideal for microsites that will involve the exchange of sensitive information, like passwords.
Learn more about secure microsites.
Landing pages
You can prevent your Oracle Eloqua landing pages from being embedded in a frame, inline frame (iframe), or object. This can help prevent clickjacking attacks by ensuring that your content cannot be embedded into other sites.
You configure this prevention for each microsite. By default, Oracle Eloqua prevents embedding for all new microsites.
Learn more about how to prevent embedding.