I have an application where registered users will upload various files (.doc, .pdf) and I need them stored somewhere secure so somebody who isn't registered can't access them. Normally I've just had all file uploads go to a folder in the site root, but I'm thinking that probably isn't a good idea.
Yeah, well, you can store the files on another server. For example, if you have made the app on the domain www.example.com, make another subdomain, upload.example.com, where all the file validation, uploading and renaming will be done, then transfer the file to another subdomain (the storage server) with any name that does not suggest it is storing the files users upload, probably upstor.example.com or any random number, and remember to delete the original file from upload.example.com. Hope this is a nice idea and helps too.
Well, initially I also thought of doing so, but I felt that if an intruder gets access to your main server (www.example.com) then he can easily access the .htaccess file and make the complete folder web accessible, but he can't if you place the files on a separate server; that would take the files' security one step further.
That's why I advised using a separate server.
I would ignore the suggestion about using a completely different server for security reasons; if someone can hack one of your servers, they can hack the other one too, and you would have bigger problems than them stealing your files if that happened...
I would probably store the files outside of the web root, so that they're not even accessible directly over the web; then have a script that when accessed, validates that the person is logged in, and then transfers the file to them.
So your server-side script (i.e. PHP/dotnet):
1. checks they're a valid user (i.e. by the standard user-is-logged-in check that you're doing elsewhere on the site, checking the session or whatever)
2. sets the correct headers for the file type, e.g. Content-Type: application/octet-stream
3. reads the file from wherever it is on the server
4. outputs it to the user's browser
1b. if they're not a valid user, the connection is ended and they don't get the secure file.
This means that they only get the file if they're a valid, logged-in user.
But if they can hack into your validation system, which validates whether the user is logged in or not, they will get easy access to the files.
But if we store the files on a different server, we can password-protect directories, which can only be bypassed by the app, and we only check which user has logged in and select the particular file or files which he has uploaded.
Please do correct me if I am wrong anywhere.
I would say if a user breaks into another user's account by guessing the authentication details then their files would be compromised either way. There is not really a need to store the files on another server, just outside of the web root so users can't upload a file and then access it directly (especially if you are allowing all types of uploads), as a user could directly infect your server by uploading an executable script and then running it by pointing their browser to it.
Either you store the files above the htdocs (or whatever your base folder is) or you can store them in a sub folder and block all access with htaccess. Then as described above you check authentication (or whatever you are validating) and then output the appropriate headers for the content type, read the file, then echo the contents.
Probably could search for a couple of different things for this, "htaccess deny access", "upload file to directory php", & "force download dialog php".
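The download script described in the replies above (logged-in check, headers, read, output, with the files kept outside the web root), as an added example that is not part of any post in the thread. The storage path, the `user_id` session key, the `$files` array standing in for a database table, and the rule that users may fetch only their own uploads are all assumptions.

```php
<?php
declare(strict_types=1);
// Assumed storage directory, outside the web root so no URL maps to it.
const STORAGE_DIR = '/var/www/private_uploads';

// Resolve a stored name to a real path inside $baseDir, or null.
// basename() drops directory parts; realpath() catches symlinks leading out.
function resolveStoredFile(string $baseDir, string $storedName): ?string
{
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . basename($storedName));
    if ($base === false || $path === false || !is_file($path)) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

session_start();

// Steps 1 and 1b: stop unless logged in ('user_id' is an assumed session key).
if (!isset($_SESSION['user_id'])) {
    http_response_code(403);
    exit;
}

// Constructed stand-in for a database table: file id => owner, on-disk name, display name.
$files = [
    17 => ['owner' => 42, 'stored' => '3f9a1c7e.bin', 'name' => 'report.pdf'],
];

$id   = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
$meta = is_int($id) ? ($files[$id] ?? null) : null;
// Assumed policy: a user may fetch only files they uploaded.
$owned = $meta !== null && $meta['owner'] === (int) $_SESSION['user_id'];
$path  = $owned ? resolveStoredFile(STORAGE_DIR, $meta['stored']) : null;
if ($path === null) {
    http_response_code(404);
    exit;
}

// Step 2: headers. octet-stream plus attachment makes the browser save, not render.
$safeName = preg_replace('/[^A-Za-z0-9._-]/', '_', $meta['name']);
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . $safeName . '"');
header('X-Content-Type-Options: nosniff');
header('Content-Length: ' . filesize($path));
// Steps 3 and 4: read the file from disk and send it to the browser.
readfile($path);
```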