|
|
How to protect a form e-file or upload |
| |
| Contact |
- You create a form to send or upload files.
- Did you know that it's an open door for a hacker?
- It is as if we do not know your FTP codes and could still send files to your server.
- What not to do:
- When you receive a file on the server, you do not rename it.
- When you receive a file on the server, you take all the extensions.
- When you receive a file on the server, you do not check the file contents.
- When you receive a file on the server, you do not check the file size.
- What to do:
- Rename your file randomly.
- Banish some extensions or files containing more than one point.
- Check the contents of the file. There may be code (php) to the end of the file for example.
- If this is a test image must attibuts of this image.
|
| |
| |
|
|
|