Browse field

kumar.udca
kumar.udca
12 Points
1 Posts

How we prevent malware in browse field

Views: 9797
Total Answered: 3
Total Marked As Answer: 0
Posted On: 03-Apr-2017 04:59

Share:   fb twitter linkedin
Answers
Rahul Maurya
Rahul M...
4916 Points
27 Posts
         

Hi,

Can you explore more about browse, what are you facing problems? Although if you are giving upload file facility to a normal user. You can assure following  points.

There are six steps to protecting a website from file-upload attacks.

  1. The application should use a whitelist of allowed file types. This list determines the types of files that can be uploaded, and rejects all files that do not match approved types.
  2. The application should use client- or server-side input validation to ensure evasion techniques have not been used to bypass the whitelist filter. These evasion techniques could include appending a second file type to the file name (e.g. image.jpg.php) or using trailing space or dots in the file name.
  3. The application should set a maximum length for the file name, and a maximum size for the file itself.
  4. The directory to which files are uploaded should be outside of the website root.
  5. All uploaded files should be scanned by antivirus software before they are opened.
  6. The application should not use the file name supplied by the user. Instead, the uploaded file should be renamed according to a predetermined convention.
Posted On: 03-Apr-2017 05:26
kumar.udca
kumar.udca
12 Points
1 Posts
         

How we scanned by antivirus software before they are opened. using php program

Posted On: 03-Apr-2017 05:46
Rahul Maurya
Rahul M...
4916 Points
27 Posts
         
Posted On: 03-Apr-2017 05:56
 Log In to Chat