I have this in my code:
Sample PDF
So basically it will appear to be a download link to file 'sample.pdf' but the problem is, there's a restriction in downloading this file. so whenever there are confidential reports uploaded and a malicious user accidentally memorized or viewed the URL of the download link in the browser history he can easily download it even without accessing the website because it is a direct link. What am i supposed to do so this link will be protected? or be downloaded only for the user assigned to it?
Don't serve up files by their direct URLs. Have a PHP script receive the filename of the file wanted, and serve it up.
So, if someone wants to download the above files, he would go to
example.com/getfile?file=sample.pdf
Your PHP script would check if the current user has permission to view the file, and then serve it up.
Make your links like this:
Sample PDF
Your current method is very insecure for sensitive files. A malicious user could trivially write a script to download ALL files in res/pdf. All he needs to do is check every permutation of letters in the directory, and throw away all 404 errors.
You will not redirect the user since that would defeat the purpose. You will serve the file as a download with the appropriate Content-disposition header.
Here's an example: Fastest Way to Serve a File Using PHP
You can google and get many more examples.
Here's a great example that shows how to serve PDF files:
https://serverfault.com/questions/316814/php-serve-a-file-for-download-without-providing-the-direct-link
You can restrict using htaccess
Related
Unable to correctly use php code to load a video mp4 file stored in home directory.
Hi, I am building a WP site that sells instruction video mp4 files. To protect the files I have placed them in a directory called videos which is in the home directory (outside of the public_html directory) to protect the files from being downloaded for free. I am trying to write php code for loading the video. However, I can't access the video in /home/username/videos.
My code:
add_action('template_redirect', 'video_redirect', 5);
function video_redirect(){
if (is_admin())
return;
if (!is_page(videoplayerpageonmysite))
return;
$filename="/home/username/videos/videofile.mp4";
echo " Your browser does not support the video tag.";
Each time I run the code I get a No video with supported format... error.
I'm only able to get it to load the video file when it is in the public_html folder (it works perfectly then), but not when it is located in /home/username/videos/
Please help!
You can't give the browser a file path on your server's hard disk and expect it to be able to load it. It will resolve it as a relative URL, ask the HTTP server for it, and then get a 404.
You need to give the browser a URL that actually loads the file.
If you want to limit who can access it (e.g. people who have paid), then you could write a PHP program that checks to see if the request is coming from someone who has paid (i.e. Authentication + Authorization), then reads the file and outputs it in the HTTP response.
You have to use a PHP script as the source URL in the video tag and specify some identifier for which video it should load e.g. src="loadvideo.php?id=1" or something. (This is because the source must be a valid URL which is actually accessible on the webserver - the browser, which don't forget runs on the user's machine not the server, cannot navigate to a path on disk. If it could, then moving your files outside the public_html folder would not provide any security!)
And then when the video tag is loaded into the page, it will make a request to that URL, which causes the PHP script to run. The script must associate the provided ID with the correct file on disk, fetch the contents of that file and echo them as the response, along with appropriate headers (e.g. mime type etc). You can probably find examples of this pattern online already.
Of course the PHP script will also need to authenticate the request to make sure the requestor is a signed-in, paid user, otherwise you still aren't protecting anything. Without this last step, anyone could just visit the PHP script's URL and provide an ID until they got a result, and download the videos just as if you'd put them in the public_html folder. As long as you implement security correctly though, only users who already paid for the videos would be able to download them.
If I place video file to for example
www.myweb.com/webroot/video.mp4
I am able to play it in VLC player in streaming option. I am using CakePHP 3 framework.
Where this file is placed in
/volume1/web/myweb/webroot/video.mp4.
But my question is how do I create link to file which is in Synology NAS, its link is:
'/volume1/video/Films/video.mp4'
To be accessible from a web?
I added to open_basedir in PHP in a directory :/volume1/video;
Instead of pointing to the actual file, have you tried reading the file using a PHP script?
For example, your site could have a link such as yoursite.com/video.mp4, but instead, you could have yoursite.com/getfile.php?f=video.mp4.
This getfile.php script can securely get the file from anywhere in your file server where your www user has access.
I personally use the readfile_chunked function documented here in the comments, as well as the appropriate headers needed to be sent before.
Note: Make sure you secure your getfile.php script to prevent users from reading any files on your drive. In my case, I force my script only to accept certain keys which correspond to actual files (ex: yoursite.com/getfile.php?filekey=Ab183Fca82, where Ab183Fca82 points to video.mp4)
I have uploaded some zip files to my server and now want to allow a user to download them if he/she has an appropriate password. I'm coding in PHP and I've made it so a user cannot access the page with the links to zip files unless the proper password has been entered, but by having a link to my zip file the user could just see and in future cases type in the absolute location of the zip file and bypass my password checks. If I change the file permissions on the zip file then I can't have it as a link because the user won't be able to access it. How can I allow the user to get the zip file while still keeping it secure? Any suggestions would be much appreciated.
The best way to do this is to mask url.
user logins
generate a token based on his login details. some md5 or whatever you decide
create a download link (eg: download.php) that load the file based on valid token and session and get's the file with file_get_contents().
Use .htaccess to deny direct access to files. Put this .htaccess file in relevant folder.
Then from php authenticate user and after successful authentication, redirect user to a download.php with file name as a parameter (or even id), then use force download to let them download. This way even if they have direct link to zip file, they will not be able to download the file.
You need to write code that can hide download links/ the links need to expire and new links should take its place and/or links should change.
You can code it in PHP or use an existing piece of code that exactly does this.
http://sixthlife.net/product/secure-download-links/
I have a WordPress site, in which type1 users can upload *.doc files and type2 users should be able to open them by clicking on a link which represents a file.
The file then should be opened in a new window of the browser.
I got the first part easily - there are many guides on uploading a file.
But I couldn't find one that goes through all the steps of getting and opening a file which resides on a server directory.
I assume clicking the link should cause an ajax request which will send the file key to the server.
The server can then get from the MySQL DB the file name and location.
But what do I do then?
How do I get the file from the server directory, send it back to the client and open it for reading in the browser?
Edit:
I want the files to be confidential and not let just anyone read them so giving the users the link for the file on the server isn't the right way.
I still think I need to send the file from the server directory to the client.
How can this be done?
You can add links to uploaded media in WordPress easily. Just remember to link to the actual file:
I want the files to be confidential and not let just anyone read them so giving the users the link for the file on the server isn't the right way.
Yes it is. You can't let people read the document without giving them the document.
If you want to keep it confidential, then require the users to agree not to share the link with anyone else. Or go further and add a layer of authentication + authorisation and also require that users not hand over their credentials.
Simply, redirect the browser to the location of the file. It's depend on user's browser settings that file opens on the browser directly, or user sees open/save dialog.
But, if you want to open the file inside the browser without letting user download it, you should redirect her/him to a custom page. e.g. a page that loads a doc editor.
There's no way to show a Microsoft Word file inside the browser unless they install proper software. e.g. an Applet or ActiveX or something that be able to open MSWord files.
Consider using WP Client File Share plugin.
I am trying to secure my PHP Image upload script and the last hurdle I have to jump is making it so that users cannot directly excecute the images, but the server can still serve them in web pages. I tried changing ownership and permissions of the folders to no avail, so I am trying to store the images above public_html and display them in pages that are stored in public_html.
My File Structure:
- userimages
image.jpg
image2.jpg
- public_html
filetoserveimage.html
I tried linking to an image in the userimages folder like this:
<img src="../userimages/image.jpg">
But it does not work. Is there something I am missing here? If you have any better suggestions please let me know. I am trying to keep public users from executing potentially dangerous files they may have uploaded. Just as an extra security measure. Thanks!
You want something that's basically impossible.
The way a browser loads a page (in a very basic sense) is this:
Step 1: Download the page.
Step 2: Parse the page.
Step 3: Download anything referenced in the content of the page (images, stylesheets, javascripts, etc)
Each "Download" event is atomic.
It seems like you want to only serve images to people who have just downloaded a page that references those images.
As PHP Jedi illustrated, you can pass the files through PHP. You could expand on his code, and check the HTTP_REFERER on the request to ensure that people aren't grabbing "just" the image.
Now, serving every image through a PHP passthru script is not efficient, but it could work.
The most common reason people want to do this is to avoid "hotlinking" -- when people create image tags on other sites that reference the image on your server. When they do that, you expend resources handling requests that get presented on someone else's page.
If that's what you're really trying to avoid, you can use mod_rewrite to check the referer.
A decent-looking discussion of hotlinking/anti-hotlinking can be found here
Use an image relay script!
To serve a imagefile that is outside the public_html folder you would have to do it by a php script. E.g make a image-relay.php that reads the image that is outside the public html...
<?php
header('Content-Type: image/jpeg');
$_file = 'myimage.jpg'; // or $_GET['img']
echo file_get_contents('/myimages/'.$_file);
?>
Now, $_file could be a $_GET parameter, but its absolutley important to validate the input parameter...
now you can make an <img src="image-relay.php?img=flower.jpg"> to access a flower.jpg image that is located in /myimage/flower.jpg ...
Well, a web browser will only be able to access files and folders inside public_html.
If the public_html directory is the root of the server for your users, Apache cannot serve anything that is not inside/below that dorectory.
If you want a file to be served by Apache directly, you'll have to put it in/below public_html.
I think your misunderstanding is in the fact that if you include an image in an <img> tag, your browser will send the exact same request to the webserver to fetch it, that will be sent to the webserver if you try to open the src url of the image in your browser directly.
Therefore, either both things work, or neither.
There are hacks around, involving a (php or other) script to make sure that an IP that has requested the image has also requested the html page within the last few seconds (which will not work if the user is behind a proxy that rotates outgoing IPs) or by checking the referer (which does not work with HTTPs and also not if the user has referer disabled).
If you want to make sure that only some users can see the image (both via <img> tag and directly), you can put the image outside public_html and have a (php or other) script that verifies the user's credentials before serving the image.
If you are using Apache or lighttpd you can use the X-Sendfile header to send files that are not in the web root(provided you haven't changed the configuration of mod_xsendfile).
To learn more about X-sendfile see this site.
This solution is giving you the best possible performance as PHP doesn't send the file but the server does and therefore PHP can be exited while the files are being served.
Hope that helps.