SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    SitePoint Zealot Osprey's Avatar
    Join Date
    Jan 2006
    Posts
    156
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    File Uploads and Security

    Hey Everyone,

    I'm currently working on a file uploads site in PHP and was wondering if anyone could provide some advice on what to do to keep things secure? I've never really done file uploads before but at present I've got a block list which blocks these file types:

    "cgi", "php", "pl", "sh",

    This was to prevent users executing scrips on my server. Are there any other file types I should block or other security measures I should take? Naturally I don't wan't anyone deleting other peoples files or naughty stuff like that.

    Each users files are uploaded via a html upload form to their own base directory eg. ../files/username/

    Any help much appreciated,

    Andy

  2. #2
    SitePoint Wizard wonshikee's Avatar
    Join Date
    Jan 2007
    Posts
    1,223
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Allow only extensions that you are okay with. Don't go with the blacklist approach.

    Also I would personally rename the files and keep a log in the DB as to the old file name (if it matters) and the new name.

  3. #3
    SitePoint Zealot Osprey's Avatar
    Join Date
    Jan 2006
    Posts
    156
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for the response. I did have an accepted list as opposed to a black list originally but decided that it may annoy a few users if they have problems uploading particular files, ones i've never heard of, eg. just yesterday I learned of .band

    I figure if particular files become a problem I can add them to the blacklist.

    Providing I block the extensions above I should be okay?

  4. #4
    Worship the Krome kromey's Avatar
    Join Date
    Sep 2006
    Location
    Fairbanks, AK
    Posts
    1,621
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Osprey View Post
    I figure if particular files become a problem I can add them to the blacklist.
    And by then it's too late.

    Blacklists are about the worst way to secure something, because someone will always come up with something else that you hadn't thought of. Whitelists are far more secure, and the consequences with not allowing something your users want are far less severe than the other way around:

    With a blacklist:
    Oh crap, I didn't block [file type], now my entire server is owned! I've even been locked out so I can't regain control and fix it!

    With a whitelist:
    Okay, user A has complained that he can't upload [file type]. After some research to determine if it's a threat to my server or not, I can add it to the whitelist and he's happy.

    It's very simple to have your upload script redirect to a basic contact form where a user can send you a request to allow a particular file type be uploadable. It's far more difficult (read: nigh impossible) to ensure that you have cleaned up every backdoor and malicious piece of code after you server has been hacked because your blacklist didn't include [file type].
    PHP questions? RTFM
    MySQL questions? RTFM

  5. #5
    SitePoint Zealot Osprey's Avatar
    Join Date
    Jan 2006
    Posts
    156
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for the reply. Hmm, okay. I'll do some research into which files I should allow and see if I can get most of them on the list to start. I figure as you say security is more important.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •