I am here to try and cover all aspects of security that I can think of. The site I am currently working on will have the needed ability for users to upload a zip file, which will be extracted to my server. They are website templates and as such an API is being used to capture screenshots. This is a very dangerous thing, and I would like to cover and protect myself as best as possible. If you have any ideas, thoughts, or suggestions on things I can do better, please let me know.
This is going to be spaghetti code, so please bear with me. Also note that not all of the extensions and MIME types are listed; this is just an example.
if extension is not zip or mime_type is not zip:
    error: only zip files allowed
loop through all files in zip:
    if file does not have a valid extension or a valid mime type:
        remove from zip
extract remaining files to public_html/templates/$template_id directory.
notes: directory is only accessible by 1 specific external API IP (screenshot API).
My own server doesn't have rights to execute. Only write/read.
Resave zip file with invalid files omitted.
capture screenshots finished, template approved - all files are removed from public directory.
So, these files are out on my server for the time it takes the user to upload the zip file and approve the template (basically).
Is there anything else I can do so that this can further be locked down? The directory will also exist at an undisclosed location. In any event that they happen to stumble across it (obviously some malicious user looking for something), a 404 will simply be displayed. All IPs (other than the API's server) will find nothing but a 404.
__________________ There are No Stupid Questions. But there are a LOT of Inquisitive Idiots.
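As an added example (not the poster's code), the vetting and extraction steps described in the post written in Python with the standard library. The allow-list, the constructed sample archive and the template id 42 are assumptions; beyond the post's extension rule it also rejects entry names that would resolve outside the template directory and re-checks each resolved path before writing.

```python
import os
import tempfile
import zipfile
from pathlib import Path

# Hypothetical allow-list; the post says its real extension list is longer.
ALLOWED_EXTENSIONS = {".html", ".css", ".js", ".png", ".jpg", ".gif"}

def vet_zip_entries(zip_path):
    # Post's rule (allowed extensions) plus a traversal-name check.
    kept, rejected = [], []
    with zipfile.ZipFile(zip_path) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename
            unsafe = os.path.isabs(name) or "\\" in name or ".." in Path(name).parts
            if unsafe or Path(name).suffix.lower() not in ALLOWED_EXTENSIONS:
                rejected.append(name)
            else:
                kept.append(name)
    return kept, rejected

def extract_vetted(zip_path, dest_dir, kept):
    # Extract only vetted entries; re-check each resolved path stays under dest.
    dest = Path(dest_dir).resolve()
    written = []
    with zipfile.ZipFile(zip_path) as zf:
        for name in kept:
            target = (dest / name).resolve()
            if dest not in target.parents:
                continue  # defence in depth: never write outside the template dir
            target.parent.mkdir(parents=True, exist_ok=True)
            with zf.open(name) as src, open(target, "wb") as out:
                out.write(src.read())
            os.chmod(target, 0o644)  # read/write only, matching "no execute"
            written.append(str(target.relative_to(dest)))
    return written

def demo():
    # Constructed sample upload, vetted and extracted into a temp dir.
    with tempfile.TemporaryDirectory() as tmp:
        zip_path = os.path.join(tmp, "upload.zip")
        with zipfile.ZipFile(zip_path, "w") as zf:
            zf.writestr("index.html", "<h1>template</h1>")
            zf.writestr("css/style.css", "body{}")
            zf.writestr("setup.php", "<?php ?>")       # disallowed extension
            zf.writestr("../escape.html", "<p>x</p>")  # traversal name
        kept, rejected = vet_zip_entries(zip_path)
        return kept, rejected, extract_vetted(zip_path, os.path.join(tmp, "templates", "42"), kept)
```

The post's MIME-type check is not shown here; before extracting in production you would also want to cap the archive's declared uncompressed size.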