I want to upload files from my page. (in the past I have used pure asp upload) My client is concerned about security. Is there a way to encrypt these files? Is it necessary or does it even help to put ssl on the site. What do I have to worry about as far as security so others can't get to these files?

To just keep people from getting the files is easy. You have a few choices. You can put the files into your data base, you you can just play with the headers so that the server will not output the files. You should not need to encrypt them. However if you want the upload form to be secure you should run a secure login and put it on a secure page that way not just anyone can get to it (but this would mean the file would be encrypted and decrypted for the transfer I believe).

Anyone can upload files. I just want them to be secure that noone but the person who has ftp access to them can read them.

Oh, then just do not serve any of the files, play with the headers. I do not know how to add that header or anything, I have never done it. I will just wait for buntine to come in :p

Does anyone know what headers I need and where I put them?

well maybe this will help, but its for asp.net
http://aspnet.4guysfromrolla.com/articles/020404-1.aspx
I dont know what to do for classic, since that is all in the .net framework. I liked that article, have not had a need for it, but it was very informative. Buntine is the guy to ask, he should be around here sooner or later.

this progam would be written in asp not .net

Encyption should not be necessary. You can set permissions for each uploaded file via the IUSR_<machine_name> account.

The following document goes into more detail.

http://aspupload.com/manual_security.html

Regards,
Andrew Buntine.

so it's enough just to upload it using pure asp upload and the files should be safe?

WEll, safe enough.. If you set the permissions for each file. Nothing is trult safe on the web, though.

sorry folks, I just realized that the code I posted here was inappropriate for this thread.
It was intended for another aspsmartupload thread.
Sorry about and excuse my stupidity.

...I have removed the thread.

Originally posted by esthera
this progam would be written in asp not .net I know that, I posted it because I did not know a header for classic. My link uses an http header to basically say this file is not served whenever a user tries to download an exe. The only way to give him an exe with my link would be for him to go to a page that uses a header to prompt him for a download. Buntine are you saying my aproach is encrpytion or where did encryption come from??? You confused me. I like how asp.net does it with a header, unfortunatly that is not the question. If asp upload uploads a file though aren't the permissions by default given to the iusr?

If asp upload uploads a file though aren't the permissions by default given to the iusr?

Good question PeOfEo!
But unfortunately, the answer to that question is no.
Because, it is assumed ( and rightly so) that some people may have malicious intents.
If you expose you folder to general use, I can even begin to imagin what type of files will be uploaded into the database.
Now the reason the code I posted above has zero security in it is because it is intended to be used by one person only.
Even then, the user has to be granted permission to be able to upload files to the database from a defined folder.

In situations where only a path the file is stored on the database, depending on the type of database you are using, you can restrict every other user to a readOnly access.

So there is a bit that can be taken from PeOfEo's response.
Creating a secure login is one layer of security that can be implemented.
buntine is also correct in saying the encryption and decription methodology, at least in this respect is not necessary.

Login challenge, folder security and database security ( assuming he is not using access database) provide you with 3 solid layers of security cushion.
Remember also that aspSmartUpload provides you with the ability to manually set up security through the registry.
I know I used that security aparatus when I implemented the upload functionality.

Originally posted by simflex
Good question PeOfEo!
But unfortunately, the answer to that question is no.
Because, it is assumed ( and rightly so) that some people may have malicious intents.
If you expose you folder to general use, I can even begin to imagin what type of files will be uploaded into the database.
Now the reason the code I posted above has zero security in it is because it is intended to be used by one person only.
Even then, the user has to be granted permission to be able to upload files to the database from a defined folder.

In situations where only a path the file is stored on the database, depending on the type of database you are using, you can restrict every other user to a readOnly access.

So there is a bit that can be taken from PeOfEo's response.
Creating a secure login is one layer of security that can be implemented.
buntine is also correct in saying the encryption and decription methodology, at least in this respect is not necessary.

Login challenge, folder security and database security ( assuming he is not using access database) provide you with 3 solid layers of security cushion.
Remember also that aspSmartUpload provides you with the ability to manually set up security through the registry.
I know I used that security aparatus when I implemented the upload functionality. by encryption are we talking encryption the data base content or ssl tls? I know when I upload through asp.net, the aspnet system account will have access to the file (but not everyone or iusr or anything). Personally I think a good way to keep your server safe is to not allow cetain file types to be uploaded, no exe, dll, batch, so on and so fourth files. NO PHP OR ASP FILES ETC EITHER! If the person uploads say a batch file or cmd.exe he can do a dir command on your server and then delete whatever files he wants, access whatever files, or even use your server in a ddos attack or something nasty like that.

If the person uploads say a batch file or cmd.exe he can do a dir command on your server and then delete whatever files he wants, access whatever files, or even use your server in a ddos attack or something nasty like that
Not true. Someone has to execute it first.

As far as security, the usual best practices will suffice, if you only need to protect the file (and your network). The user who uploads the file has absolutely no knowledge of where the file is saved to, and has no permissions on your server, other than the wwwroot over port 80 and only for specific files (not directories).

The server should be set up to not allow browsing -- this means that typing in a directory into the address bar of a browser (http://yourDomain.com/someDir/) will return a permission denied error to the client.

Long and short -- accepting file uploads does not significantly increase your exposure from a security standpoint. If the files are for anything other than access by parsing engines, you should be virus scanning them though -- regardless of the file extension.

One more thing -- if you need to make sure that no one intercepts the file over the internet, use SSL.

If you are demonstrating usual best practices, your files are safe once they hit your network -- at least, they are as safe as any other file on your network.

All that said, I'd strongly discourage saving them to the web server, save 'em to a different file server, or at the very least don't save them in the inetpub directory.

rb

Originally posted by russell
Not true. Someone has to execute it first.
If they get a batch file or cmd.exe they do not need to get remote desktop to execute it if this is a web server. They only need to get a server side script on there to execute it, which would not be hard.

They have to know where it is (of course a script can find it). Allowing file uploads via http or https is not inherently dangerous if you are taking regular security precautions -- like not allowing execute permissions on the directory, and saving the file to a different server. Of course the file should be virus scanned. Other practices depend on the purpose of allowing file uploads. Is it for informational purposes? Is it for allowing users to customize extranet sites with their own images? Is it for file sharing/downloading?