PHP/Answer Detail

Browse field

kumar.udca
Member
4 Points
2 Posts

How we prevent malware in browse field

Total Answered: 3
Total Marked As Answer: 0
Posted On: 03-Apr-2017 04:59
Share:   fb twitter linkedin
Answers
Rahul Maurya
Moderator
1068 Points
204 Posts
 
 
Posted On: 03-Apr-2017 05:26

Hi,

Can you explore more about browse, what are you facing problems? Although if you are giving upload file facility to a normal user. You can assure following  points.

There are six steps to protecting a website from file-upload attacks.

  1. The application should use a whitelist of allowed file types. This list determines the types of files that can be uploaded, and rejects all files that do not match approved types.
  2. The application should use client- or server-side input validation to ensure evasion techniques have not been used to bypass the whitelist filter. These evasion techniques could include appending a second file type to the file name (e.g. image.jpg.php) or using trailing space or dots in the file name.
  3. The application should set a maximum length for the file name, and a maximum size for the file itself.
  4. The directory to which files are uploaded should be outside of the website root.
  5. All uploaded files should be scanned by antivirus software before they are opened.
  6. The application should not use the file name supplied by the user. Instead, the uploaded file should be renamed according to a predetermined convention.
kumar.udca
Member
4 Points
2 Posts
 
 
Posted On: 03-Apr-2017 05:46

How we scanned by antivirus software before they are opened. using php program

Rahul Maurya
Moderator
1068 Points
204 Posts
 
 
Posted On: 03-Apr-2017 05:56

Blog

Active User (8)

 Log In to Chat