Correct file upload folder permission

php codeigniter file-upload permissions

depending on the level of security you want, 777 might not be the best option (it's the simplest). The user the webserver runs as much have rwx to the folder, and if you want to be truly secure, the folder should not be under your webroot.

That means, if the web files are in /home/mysite/ ( eg /home/mysite/index.html maps to http://mydomain.com/index.html ) then the upload folder should be /home/uploads .

You application can use code to access the files via the system path ( /home/uploads ) but noone from the internet can directly access it that way.

Alternatively, if you cannot do the above ( eg because you're on a shared host ) you can use .htaccess (placed in the upload folder) for the same effect, by placing these rules :

Deny from allOptions NoneOptions +FollowSymLinks

( note that again, your app will need to use the system path, since Apache wont be able to serve these files directly ).

php codeigniter file-upload permissions

You could also use .htaccess to deny access to folders except those that you permit. At least I did same with mine and directories that are not listed for access in the .htaccess are not available to users.

Another safe way is to use a folder outside /public_html/Directories outside this folder can hardly be accessed externally.

CodeHunter

Correct file upload folder permission

Recent Posts

How can I color dots in a xy scatterplot according to column value?

How to update a claim in ASP.NET Identity?

What does {0} mean when initializing an object?

Accessing members of items in a JSONArray with Java

How to log SQL statements in Spring Boot?

Powershell Get-WebSite name parameter is ignored

How to detect scroll to bottom of html element

Java synchronized method

How to test controllers with CodeIgniter?

Detect Visual Composer

Matplotlib: Specify format of floats for tick labels

Rails join a list of strings with commas and "and" before the last