Results 1 to 4 of 4

Thread: Web Server Security

  1. #1

    Thread Starter
    Lively Member
    Join Date
    Aug 2004
    Posts
    70

    Web Server Security

    Hi,

    I am doing an ASP website that allows users to upload files into the webserver. I am using ASP codes to the upload.

    One folder is created (in one folder for all uploaded files, call it "main-folder") for each uploading process. In cases of "rollback" situations, I'll delete the folder created for that process.

    I've allowed 'write' and 'delete' permissions on the main-folder for everyone. Will that cause any insecurity of the web server?
    Btw, I am using Win2K Server

    Thank you.

  2. #2
    Frenzied Member DeadEyes's Avatar
    Join Date
    Jul 2002
    Posts
    1,196
    The first thing that springs to mind is what happens if someone continuely uploads files until your HD is full

  3. #3

    Thread Starter
    Lively Member
    Join Date
    Aug 2004
    Posts
    70
    Hm..
    i've restricted each file size to 1MB and they have to go thru an authetication process before they can use that "upload page". Any suggestions to make it better?

  4. #4
    Frenzied Member Ideas Man's Avatar
    Join Date
    Aug 2002
    Location
    Australia
    Posts
    1,718
    I'm curious to this myself, I'd say what you've done is alright, maybe a method of tracking what each user uploads/deletes such as in a log or a database. That way you can see which of your users are maliciously causing damage or doing the wrong thing.
    I use Microsoft Visual Basic 2005. (Therefore, most code samples I provide will be based around the .NET Framework v2.0, unless otherwise specified)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width