php upload, security concerns

Posted: Mon Feb 09, 2004 7:36 pm
by rhunter007
Hi all, I hope this post is appropriate for this forum. Here goes:

My goal is the following: Allow users to upload files to my website/server (for storage purposes only).

My intended implementation: Accepting uploads via HTTP POST (with PHP).

My concern: That a malicious user will write a script that uploads tons of files continuously until my server's hard disk is full and crashed.

Some precautions that I intend to take:
1) setting a max upload size in the php.ini file
2) Running the PHP script under SSL, and authenticating the user first (the problem is that we want to allow "trial" members...so even authenticated users might be malicious)
3) Have a separate disk partition which is where all uploaded files go to. Think of it as a "loading dock." All uploads go here first, and then a separate PHP script rummages through the loading dock, verifying that files are ok and that there's enough space before adding them to the main partition of our server.

Is #3 a good idea? Is it necessary? Perhaps the temporary location for PHP uploads would suffice as a loading dock? But should I stick this dock on a separate partition? I'd appreciate any comments on my proposed implementation/precautions, or alternate implementations. Thanks!

Posted: Mon Feb 09, 2004 8:17 pm
by Ixplodestuff8
Well, you could try using an image that randomly displays a number that must be put down to prevent a bot from uploading. Of course, if someone really wanted to they could still do it manually; try logging IPs and have an upload limit for the IP as well.

Posted: Tue Feb 10, 2004 6:13 am
by Pointybeard
Flood protection. Don't allow too many uploads from a single user/IP within a given period. Something like 1 per minute to a max of, I dunno, 10 per day or something. Maybe set a cookie on the user's computer, and if that is still there when they go to upload, don't let them upload.

Posted: Tue Feb 10, 2004 7:50 pm
by rhunter007
Thanks for the tips. Now I've thought of a more basic question, actually... Let's say I run the PHP script in an SSL-secured directory. How do I actually restrict uploads to authorized users? I know that I can write something like:

if (authCheck()) {
  ... move_uploaded_file(...) ...
}
But how does this prevent an unauthorized user from dumping files in the PHP upload temp directory?

And a related question: What if I go to some random site and they have, say, an index.php file for their main page. What if I craft an HTTP POST request with a file and send it to that index.php? What will happen? Will it dump the file in the temp directory?

Thanks for the help.
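An added example, not code from any poster in this thread, that combines the precautions discussed above (the authCheck() gate, the per-user flood limit from Pointybeard's reply, and the free-space check on the "loading dock" partition) in one handler. authCheck(), currentUserId() and the DOCK_DIR path are assumed names; the size, rate and headroom values are constructed. It also answers the temp-directory question in its comments: PHP writes the upload to upload_tmp_dir before the script runs, and removes it at the end of the request unless the script moves it.

```php
<?php
// Added example, not code from any poster in this thread. Hypothetical names:
// authCheck(), currentUserId() and the DOCK_DIR "loading dock" partition path.
const DOCK_DIR       = '/mnt/dock';         // separate partition (assumption)
const MAX_BYTES      = 2 * 1024 * 1024;     // per-file cap, enforced in code too
const MAX_PER_DAY    = 10;                  // per-user flood limit
const MIN_FREE_BYTES = 100 * 1024 * 1024;   // headroom to keep on the dock
// Count this user's files on the dock that are less than a day old.
function uploadsInLastDay(string $userDir): int
{
    $cutoff = time() - 86400;
    $count  = 0;
    foreach (glob($userDir . '/*') ?: [] as $f) {
        if (is_file($f) && filemtime($f) >= $cutoff) {
            $count++;
        }
    }
    return $count;
}
function handleUpload(string $field): string
{
    // PHP has already written the file to upload_tmp_dir before this runs. Any
    // file we do not move_uploaded_file() is deleted when the request ends.
    if (!authCheck()) {
        return 'not authorised';
    }
    $f = $_FILES[$field] ?? null;
    if ($f === null || $f['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($f['tmp_name'])) {
        return 'no valid upload';
    }
    if ($f['size'] > MAX_BYTES) {   // php.ini upload_max_filesize is the outer limit
        return 'file too large';
    }
    // Flood protection: cap uploads per authenticated user per day.
    $userDir = DOCK_DIR . '/' . currentUserId();
    if (!is_dir($userDir) && !mkdir($userDir, 0700, true)) {
        return 'storage error';
    }
    if (uploadsInLastDay($userDir) >= MAX_PER_DAY) {
        return 'daily upload limit reached';
    }
    // Check headroom on the dock partition before accepting the file.
    $free = disk_free_space(DOCK_DIR);
    if ($free === false || $free - $f['size'] < MIN_FREE_BYTES) {
        return 'server storage full';
    }
    // Never trust the client-supplied name; store under a random one.
    $dest = $userDir . '/' . bin2hex(random_bytes(16));
    return move_uploaded_file($f['tmp_name'], $dest) ? 'stored' : 'storage error';
}
```

The php.ini limits (upload_max_filesize, post_max_size, max_file_uploads) still apply before this code runs, so the in-script checks are a second layer rather than a replacement for them.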