UpLoad files in protected directory
Quote from smartmedia on May 1, 2023, 8:02 pmHi..
I want to make a documents verify procedure for my Users so they can upload some documents in a directory on Server. Of course that directory must not be accessible by anyone besides the administrator. Any idea how to accomplish that ?
I use neoPhpFileWriteFromBase64 to upload the documents in the directory.
Hi..
I want to make a documents verify procedure for my Users so they can upload some documents in a directory on Server. Of course that directory must not be accessible by anyone besides the administrator. Any idea how to accomplish that ?
I use neoPhpFileWriteFromBase64 to upload the documents in the directory.
Quote from luishp on May 2, 2023, 11:43 am@smartmedia to restrict access to the uploaded files (they should be stored in their own folder), you can store them outside of the web root (parent folder and subfolders), or use .htaccess rules to deny access to the directory where they are stored. Here's an example .htaccess file:
Deny from allThis will deny access to the directory for everyone except the administrator. You can also use other authentication methods to further secure the directory, such as password protection or IP whitelisting.
Note that file uploads can be a security risk if not handled properly. Make sure to validate and sanitize all user input, and set appropriate file size and type limits to prevent malicious uploads.
Regards.
@smartmedia to restrict access to the uploaded files (they should be stored in their own folder), you can store them outside of the web root (parent folder and subfolders), or use .htaccess rules to deny access to the directory where they are stored. Here's an example .htaccess file:
Deny from all
This will deny access to the directory for everyone except the administrator. You can also use other authentication methods to further secure the directory, such as password protection or IP whitelisting.
Note that file uploads can be a security risk if not handled properly. Make sure to validate and sanitize all user input, and set appropriate file size and type limits to prevent malicious uploads.
Regards.