|
-
Oct 7th, 2004, 03:20 AM
#1
Thread Starter
Lively Member
Web Server Security
Hi,
I am doing an ASP website that allows users to upload files into the webserver. I am using ASP codes to the upload.
One folder is created (in one folder for all uploaded files, call it "main-folder") for each uploading process. In cases of "rollback" situations, I'll delete the folder created for that process.
I've allowed 'write' and 'delete' permissions on the main-folder for everyone. Will that cause any insecurity of the web server?
Btw, I am using Win2K Server
Thank you.
-
Oct 7th, 2004, 03:59 AM
#2
The first thing that springs to mind is what happens if someone continuely uploads files until your HD is full
-
Oct 7th, 2004, 07:22 AM
#3
Thread Starter
Lively Member
Hm..
i've restricted each file size to 1MB and they have to go thru an authetication process before they can use that "upload page". Any suggestions to make it better?
-
Oct 7th, 2004, 10:06 AM
#4
I'm curious to this myself, I'd say what you've done is alright, maybe a method of tracking what each user uploads/deletes such as in a log or a database. That way you can see which of your users are maliciously causing damage or doing the wrong thing.
I use Microsoft Visual Basic 2005. (Therefore, most code samples I provide will be based around the .NET Framework v2.0, unless otherwise specified)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|