Reputation: 1810
Encrypting URL and securing server
I have an app from which I upload files to the server. The files uploaded in the same folder where the php script is placed. THe files can be viewed easily if any one finds out the URL, thus it is very easy to hack and destroy the data.
I have to provide the download address to users for downloading the data they uploaded but if I provide the exact URL, their is fair chance of loss of data.
I want to know is there a way to encrypt the URL or any other way of securing the folder where my data is uploaded.
my URL is like www.hostname.com/myfolder/file.txt. Due to such plain URL, I can't benefit much from URL encoding in Java.
I am a Java programmer, I have experience in php.
Regards
Upvotes: 0
Views: 232
Answers (1)
Reputation: 33573
A few remarks:
- Use sessions and make the users authenticate themselves.
- Put the files in an
upload/folder, which is outside of the web root. - When files are requested, check in the
upload/folder if they exist and serve them from there. - If a file already exists, deny upload.
- Run everything from a secure (HTTPS) host.
Upvotes: 1
Related Questions
- Encrypting data in url
- Encrypt parameter in url
- How to encrypt url and decrypt to access denied access content?
- PHP Openssl Encrypt Data For URL
- How can I encrypt an URL (or rather the GET parameter part of it) using PHP?
- How to encrypt get data in URL
- Encrypting URLs in PHP
- How to encrypt/decrypt url for the whole server?
- Encrypting URL inside PHP code
- How to 'encrypt' information passed along in URL when redirecting in PHP?