Thread: File Uploads and Security
Jun 26, 2007, 08:28 #1
File Uploads and Security
I'm currently working on a file uploads site in PHP and was wondering if anyone could provide some advice on what to do to keep things secure? I've never really done file uploads before but at present I've got a block list which blocks these file types:
"cgi", "php", "pl", "sh",
This was to prevent users executing scripts on my server. Are there any other file types I should block or other security measures I should take? Naturally I don't want anyone deleting other people's files or naughty stuff like that.
Each user's files are uploaded via an HTML upload form to their own base directory, e.g. ../files/username/
Any help much appreciated,
Jun 26, 2007, 09:00 #2
Allow only extensions that you are okay with. Don't go with the blacklist approach.
Also I would personally rename the files and keep a log in the DB as to the old file name (if it matters) and the new name.
Jun 26, 2007, 12:45 #3
Thanks for the response. I did have an accepted list as opposed to a black list originally but decided that it may annoy a few users if they have problems uploading particular files, ones I've never heard of, e.g. just yesterday I learned of .band
I figure if particular files become a problem I can add them to the blacklist.
Providing I block the extensions above I should be okay?
Jun 26, 2007, 12:52 #4
Blacklists are about the worst way to secure something, because someone will always come up with something else that you hadn't thought of. Whitelists are far more secure, and the consequences of not allowing something your users want are far less severe than the other way around:
With a blacklist:
Oh crap, I didn't block [file type], now my entire server is owned! I've even been locked out so I can't regain control and fix it!
With a whitelist:
Okay, user A has complained that he can't upload [file type]. After some research to determine if it's a threat to my server or not, I can add it to the whitelist and he's happy.
It's very simple to have your upload script redirect to a basic contact form where a user can send you a request to allow a particular file type to be uploadable. It's far more difficult (read: nigh impossible) to ensure that you have cleaned up every backdoor and malicious piece of code after your server has been hacked because your blacklist didn't include [file type].
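The whitelist-and-rename approach recommended in replies #2 and #4, as an added PHP example that is not part of the original thread. The extension list, the function names and the `uploads` table with its columns are assumptions made for illustration.

```php
<?php
// Added example: extension allowlist plus server-side rename.
// ALLOWED_EXTENSIONS, allowed_extension(), store_upload() and the
// uploads table/columns are hypothetical names chosen for this sketch.
const ALLOWED_EXTENSIONS = ['jpg', 'png', 'gif', 'pdf', 'txt', 'zip'];

/**
 * Returns the lowercased final extension if it is on the allowlist, else null.
 * Only the last extension is kept and the stored name is rebuilt from it,
 * so "notes.php.jpg" is stored as "<random>.jpg" and "notes.jpg.php" is rejected.
 */
function allowed_extension(string $originalName): ?string
{
    $ext = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));
    return in_array($ext, ALLOWED_EXTENSIONS, true) ? $ext : null;
}

function store_upload(array $file, string $userDir, PDO $db, int $userId): string
{
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Upload failed.');
    }
    $ext = allowed_extension($file['name']);
    if ($ext === null) {
        // Reply #4's suggestion: point the user at a request form instead.
        throw new RuntimeException('File type not allowed.');
    }
    // Server-chosen name: nothing from the client's filename reaches the disk path.
    $storedName = bin2hex(random_bytes(16)) . '.' . $ext;
    $target = rtrim($userDir, '/') . '/' . $storedName;
    if (!move_uploaded_file($file['tmp_name'], $target)) {
        throw new RuntimeException('Could not store file.');
    }
    // Reply #2's suggestion: keep the old name only as data, mapped to the new one.
    $stmt = $db->prepare(
        'INSERT INTO uploads (user_id, original_name, stored_name) VALUES (?, ?, ?)'
    );
    $stmt->execute([$userId, basename($file['name']), $storedName]);
    return $storedName;
}
```

`$userDir` should be built from the server-side session's user, not from request input, and `$file` is one entry of `$_FILES`.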
Jun 27, 2007, 09:06 #5