Join ASRT
Join ASRT

Email Security Techniques

Home > Web Style Guide > CMS Code Demos > Email Security
When an email address is used on a website, there is always a risk that someone with malicious intent could unleash a program called a "web bot" upon a website to collect all unprotected email addresses on that site. Below are some methods that could be used to protect our site against them. 


Scenario 1: Secure email on a non-secure page

Description:
An email address is on a public page, but email needs to be secured so that only ASRT members can use it. 

Example:
The Board of Directors page is publicly viewable, but email links are inactive unless the user is logged in as a member. An informational tip that appears when hovering over the link tells the user that the link is not available unless logged in as a member.

Appearance/Format:
The email address is not displayed. A link labeled “Email nnn” appears instead.

Method:
A script replaces the email address in the page. That script resides in a member-only permission-restricted block in Sitefinity. Viewing the source code on the page will not reveal the hidden script.  If logged in, an email link will render the email and display it when hovering over the link; if the link is clicked, the email is rendered and triggered.

Web Team
American Society of Radiologic Technologists
15000 Central Avenue SE 
Albuquerque, NM 87123
505-298-4500
Email us

Scenario 2: Non-secure email on a secure page

This example requires a member login.

Scenario 3: Non-secure email on a non-secure page

Description:
Email links appear on the page as simple links (no email address displays.) When hovering over the link, a script is triggered that renders the email and displays it in an information tip.  When the link is clicked, the email is rendered and triggered.

Example:
ASRT Contact List. The page is publicly viewable, but emails are not “bot-able.” 

Appearance/Format:
The email address is not displayed. A link labeled “Email nnn” appears instead.

Method:
This works similarly to the secured email on a non-secured page, except there is no “login required” state. The script that renders the emails is available whether or not the user is logged in.

Web Team
American Society of Radiologic Technologists
15000 Central Avenue SE.
Albuquerque, NM 87123
505-298-4500
Email us
In This Section:
Earn & Track CE
News & Research
Standards & Regulations
Career Center
About ASRT
Featured CE Courses


© 2022 American Society of Radiologic Technologists