Reputation: 895
Security measures to be taken while building photo sharing website
I am building a photo sharing website in php. I have almost completed it. I want to know what are the security measures we should take in storing images. I am using file system to store the images. How can I make it secure? Is there anything I can use to password protect the directories in which the images are stored?
Upvotes: 1
Views: 329
Answers (2)
Reputation: 11
Another possible solution - without overhead - consists in restricting the access to your image folder using HTTP basic access authentication. You can maintain the .htaccess and the password file with PHP accordingly with your user's credentials.
If you don't want the browser to popup for the user and password you can provide them using JavaScript.
Upvotes: 0
Reputation: 19573
The biggest thing is to make sure it cannot be accessed directly. The files should be stored outside of the web root and a script should be used to send the image.
This adds overhead but it will make it secure. It will also be somewhat harder to take advantage of CDNs.
Upvotes: 1
Related Questions
- how to secure my website
- Password Protected Photo Album PHP/MySQL Server Load
- How to secure user's images on a server?
- PHP - Security what is best way?
- How to secure PHP website (not yet uploaded in the internet)
- How do I secure private photos that a user uploads on my site?
- Securing my site
- Password security for photo albums
- how to secure member photos for high-traffic website
- Database design for sharing photos site?