Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
C
C
celovec2019-10-16 20:35:02
Information Security
celovec, 2019-10-16 20:35:02

Securely uploading files to a server?

Clients upload pictures, videos and other files to my server, without restrictions.
How can I secure such a download?
The first thing that comes to mind is to upload a file from the site to a folder of another subdomain, for example files.example.com, in which php and other programming languages ​​will be disabled.
And upload files to the main site example.com through this subdomain.
How secure will it be for me, XSS they can no longer do? How else can they harm the main site?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
A
Anton R., 2019-10-16
@anton_reut

Here is a good article: https://habr.com/ru/post/44610/

Report
X
xmoonlight, 2020-01-24
@xmoonlight

Load always ABOVE the www web-root folder to avoid calling the handler from the web.
Folder hierarchy example:

upload
www //web-root

Similar questions
D
des1roer2016-01-12 16:22:30
How to manually delete Miner Ethash folder in appdata? 3Reply
B
BonBon Slick2021-08-30 00:43:51
Account blocking or password reset code, email in case of account hijacking? 1Reply
P
Pontific2013-02-27 21:43:26
Why change passwords periodically? 12Reply
H
Hose Holebas2016-01-18 15:45:46
What does my mobile operator know about me? 7Reply
N
Nikita2020-06-13 18:55:41
Feature or vulnerability of reg.ru DNS servers? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question