
I have a PHP script that uploads images to a directory on the server. But I saw some comments mentioning that images should not be uploaded to the root directory because of security concerns. I am not sure what security vulnerabilities could arise if I upload to the directory that I am currently uploading to. Here is the path where the images will be stored: `htdocs/images/filenames.jpg`. A screenshot of my directory is shown so that it is clear.

Please advise me on where to store the images in a secure manner.

codeGEN
  • If you set chmod of folder to 644 and rename the image for example with timestamp, you should be fine – JTC Oct 04 '13 at 13:05
  • Will it allow users to upload files to this directory if chmod is set to 644? Because here http://www.draac.com/chmodchart.html the world will only be able to read. And can there be duplicate timestamps when multiple users are uploading at the same time? – codeGEN Oct 04 '13 at 13:10
  • It is added security based on the assumption that someone might upload a PHP file or other executable. Having an upload directory outside the webroot puts these files out of reach. You could chmod the directory to 755 during upload and set it back to 644 afterwards. – Daniel Oct 04 '13 at 13:27
  • @Daniel Can you specify what you mean by outside the webroot from the above image? – codeGEN Oct 04 '13 at 15:01
  • When you make your first index page, the webroot is the place where you will put the file so you will be able to call it with `http://domainname.com/index.php`. If this folder is your htdocs folder, then you should place your uploads above the htdocs folder. Basically at the spot you are looking at on the image. It is however not advisable to flood that location with file uploads. I would make a directory `uploads` in the directory tree `/root`, so you get a folder `/uploads`. – Daniel Oct 04 '13 at 15:10
  • @Daniel The file manager of the web server advises not to upload files in the root. You can see in the screenshot that the last file mentions (DO NOT UPLOAD FILES HERE). Since you are suggesting creating a subdirectory inside the root, will this make a difference? Thanks. – codeGEN Oct 05 '13 at 03:03
  • Creating a folder "uploads" should be just fine. If you got permissions it should work. FYI, I keep my whole PHP framework application outside the web root and only carry a part inside the webroot. If you set it up right, you should be good. You probably have already read the answer underneath. What I do is upload the image and do security checks before I move them to the webroot and make them available for display. – Daniel Oct 05 '13 at 03:30
  • @Daniel If I move it outside the directory, will relative paths still work? At the moment I am referring to images in my src like "/images/filename.png". Will it break all my paths since it's not in the root? – codeGEN Oct 05 '13 at 03:36
  • Yes it will ... The upload outside the webroot is for security. You cannot use that path to show them in your page. See here http://stackoverflow.com/questions/258365/php-link-to-image-file-outside-default-web-directory – Daniel Oct 05 '13 at 03:48
  • let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/38649/discussion-between-crazy-php-man-and-daniel) – codeGEN Oct 05 '13 at 04:06

1 Answer


There have been a lot of topics on the security of image uploads, but firstly it is the permission of the directory; 644 should do. Next you need to take care of the name. As suggested in the comments, a timestamp is a fairly good way to go; however, it must be combined with some randomly generated values (or use a timestamp including milliseconds). If you need to give the images a meaningful name, you must sanitize the user-supplied name and filter out null bytes, directory traversals and other dangerous characters (I would whitelist and limit the length of the image name, or randomly generate a string).

Rather than putting the image outside the web root, I prefer to use `.htaccess` with the option `php_flag engine off` in it, to switch off any PHP execution in the directory. Also, putting the images outside the web root makes them directly inaccessible, so you won't be able to use them in an `<img>` tag, unless you use a PHP script to serve the image (which is a fairly secure method, if implemented correctly).

Lastly, you want to check that a valid image is being uploaded. Commonly the GD library is used, specifically `getimagesize`, which will return the image size only if a valid image is uploaded.

Also check this topic on security of image uploads.

cyber-guard
  • At the moment all my images are in the web root like /htdocs/images/filename.png. I have used a .htaccess file with the following commands: `AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi` and `Options -ExecCGI`. Will this be enough? Also, I am re-sizing the images using GD lib and deleting the user's original image. – codeGEN Oct 05 '13 at 03:04
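
The steps from the answer above (random file name, `getimagesize` check, storage outside the web root, delivery through a PHP script) put together as an added example that is not part of the original answer or comments. It assumes PHP 7 or later; `UPLOAD_DIR`, `MAX_BYTES`, `ALLOWED`, `store_uploaded_image` and `serve_image` are hypothetical names, and the path is a placeholder.

```php
<?php
// Added example, not from the original answer. UPLOAD_DIR is an assumed path
// outside the web root; the constant and function names are hypothetical.
const UPLOAD_DIR = '/home/example/uploads';
const MAX_BYTES  = 2 * 1024 * 1024;
const ALLOWED    = [IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png', IMAGETYPE_GIF => 'gif'];

// Validate one $_FILES entry and store it under a random name; returns that name.
function store_uploaded_image(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('upload failed');
    }
    if (filesize($file['tmp_name']) > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }
    // getimagesize() returns false for content it cannot parse as an image;
    // index 2 is the IMAGETYPE_* detected from the bytes, not from the file name.
    $info = getimagesize($file['tmp_name']);
    if ($info === false || !array_key_exists($info[2], ALLOWED)) {
        throw new RuntimeException('not an accepted image type');
    }
    // The client-supplied name is never used: the stored name is random and
    // the extension comes from the detected type.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED[$info[2]];
    if (!move_uploaded_file($file['tmp_name'], UPLOAD_DIR . '/' . $name)) {
        throw new RuntimeException('could not store file');
    }
    chmod(UPLOAD_DIR . '/' . $name, 0644);
    return $name;
}

// Stream a stored image; only names in the generated format are accepted,
// so traversal sequences and null bytes never reach the filesystem.
function serve_image(string $name): void
{
    $path = UPLOAD_DIR . '/' . $name;
    if (!preg_match('/\A[0-9a-f]{32}\.(jpg|png|gif)\z/', $name) || !is_file($path)) {
        http_response_code(404);
        return;
    }
    $info = getimagesize($path);
    header('Content-Type: ' . ($info ? $info['mime'] : 'application/octet-stream'));
    header('X-Content-Type-Options: nosniff');
    header('Content-Length: ' . filesize($path));
    readfile($path);
}
```

A file that passes `getimagesize` can still carry extra bytes after the image data, which is why the stored copy also sits where the web server will not execute it.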