Vulnerabilities on the web, analysis of their principles, and prevention methods (methods for storing secure files)
This type of vulnerability arises mainly because the application reads the path name passed in by the user and filters it incorrectly, so a malicious user can save files to unexpected locations, creating a security risk.
In fact, we only need to focus on a few places. Let's analyze it first. The user wants to save files, and the files will be in various formats; the content of some files may not match the format the user claims, and some files may contain Trojan horse code. So we let the user save the file, but grant permissions on the saved files separately from the site files, so that the two are isolated.
Keep the upload directory independent of the site directory. The directory permissions are read-only, with no execute permission
This step applies the permissions at the system design level. No matter what file you upload, it will not be executed. Even if I do no checking at all, as long as all your files are stored here, they pose no security risk to my system. (If pictures with reactionary words are stored on the user's website, they will need to be dealt with separately.)
Do not use values passed in to the server directly; all of them must be checked
This follows the principle that all input is harmful. The type and name passed in by the client must be validated and never used directly, whether for the directory or for the file name to be generated.
The best approach is to hard-code the directory yourself (do not read the incoming directory), and to generate the file name randomly yourself rather than reading the user's file name. The file extension can be the characters following the rightmost ".".
The two methods above constrain storage as a whole from two sides.
Method 1: Make sure the file is written to the correct location, and then configure permission control on the directory being written to. This addresses the root cause: no matter what files are saved, they have no permission to break out and run.
Method 2: Write the file into the directory you specify, under a file name you generate yourself.
Used together, the two methods ensure that the file is saved in the correct place and that its permissions are controlled. To determine whether the file saved by the user is of a required type, check the file extension directly; as long as the extension is allowed, the file may be saved. With the execution permission restrictions in place, it does not matter much if the uploaded content is not what was required: if it cannot be executed, it will not do much harm.
Correct steps:
1. Read the file name and verify that the extension is within the allowed range
2. Define the generated file name, directory, and extension yourself. The extension can come from the uploaded file name; all other values are configured by you and are not read from the upload
3. Move the file to the new directory (the permissions of this directory are set to read-only)
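The three steps above as an added PHP sketch (not code from the original article); the directory path, the extension allow-list and the function names are assumptions chosen for illustration, and the no-execute setting on the directory itself is configured on the server, outside this script.

```php
<?php
// Added example. UPLOAD_DIR and ALLOWED_EXT are assumed values, not from the article.
const UPLOAD_DIR  = '/var/uploads';   // assumed: separate from the site directory, no execution
const ALLOWED_EXT = ['jpg', 'jpeg', 'png', 'gif', 'pdf'];

// Step 1: take only the characters after the rightmost "." and check them.
function allowed_extension(string $clientName): ?string
{
    $dot = strrpos($clientName, '.');
    if ($dot === false) {
        return null;
    }
    $ext = strtolower((string) substr($clientName, $dot + 1));
    // Strict allow-list match: an "extension" containing "/" or ".." can never pass.
    return in_array($ext, ALLOWED_EXT, true) ? $ext : null;
}

// Step 2: hard-coded directory plus a random name; nothing else comes from the client.
function storage_path(string $ext): string
{
    return UPLOAD_DIR . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
}

// Step 3: move the upload into place. $file is one entry of $_FILES.
function store_upload(array $file): ?string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return null;
    }
    $ext = allowed_extension((string) ($file['name'] ?? ''));
    if ($ext === null) {
        return null;
    }
    $dest = storage_path($ext);
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        return null;
    }
    chmod($dest, 0444);   // stored file: read-only, no execute bit
    return $dest;
}

// Constructed client file names, run from the CLI to show which ones pass step 1.
foreach (['photo.JPG', '../../index.php', 'a.png/../../x.php', 'shell.php.png', 'noext'] as $name) {
    $ext = allowed_extension($name);
    echo str_pad($name, 20), ' => ', $ext === null ? 'rejected' : basename(storage_path($ext)), PHP_EOL;
}
```

`shell.php.png` is accepted, but it is stored under a random name ending in `.png`, so the `.php` part of the client name never reaches the file system.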
Okay, the above is the general approach. I hope it will be helpful to everyone. Friends are welcome to discuss, and I hope someone can offer a better method! Next, I will continue to write up some of my experience and opinions on the security design of some common features in web development!