: How risky is putting sensitive files up on webroot? I understand that having anything sensitive under webroot is not smart; someone may be able to access it via url. However, I do not have

@Phylliss660

Your risk is greater than if the files were completely outside the webroot simply because they are accessible on the web. This means you are relying on the web server to secure something which would otherwise be freely available to anyone with the correct URL. This results in an increased attack surface with exposure to web server vulnerability exploits, whereas leaving them outside the webroot requires an attacker to obtain a greater degree of system access.

On the other hand, some thoughts about the effectiveness of Security through obscurity with regards to file or directory names:

If the name of a specific file or directory is very difficult (or nearly impossible) to guess, e.g., its name is a GUID/UUID, then IMO the risk is greatly decreased because the difficulty of brute-forcing such a name is comparable to brute-forcing a complex password. Of course, this also means that legitimate access to such files becomes more difficult, but that's what bookmarks are for. Unauthenticated access might even be considered secure (to an extent; highly vulnerable to man-in-the-middle attacks) if the names are "sufficiently hard to guess" (this is the general criterion applied to a password).

Relying heavily on security through obscurity is generally discouraged, but my view is that we are indirectly practicing it all the time by using passwords.

Vote Up Vote Down