: Security issues around giving directory link I have a directory under my public directory that I use for file transfer purposes. I put songs I'm working on here and then send the link to other
I have a directory under my public directory that I use for file transfer purposes. I put songs I'm working on here and then send the link to other band members, etc. It's the simplest way I've found to get big files to people who may struggle with ftp sites and Dropbox memberships. Occasionally I'll send the link to someone I don't know that we'll. Is this a bad idea from a security standpoint? As I understand it, any attempt to browse to the parent directory is foiled by the existence of a file named index.html or index.php. Do I need to worry about other possibilities? Also, I don't have anything on the site worthy of NSA proof security or any more than reasonable security measures. I just want to avoid malicious attacks, etc.
More posts by @Martha676
1 Comments
Sorted by latest first Latest Oldest Best
There shouldn't be any security issues if you block user from being able to view and navigate your site structure. Putting a blank index page should suffice (as would blocking it via .htaccess).
Another way to look at this is that these files are no different then other web assets like images, stylesheets, javascripts, etc. If they are in a publicly accessible directory they will be available to anyone who knows the URL. But there isn't any security issues directly associated with them being publicly accessible.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.