问题描述
我工作的公司最近在我们托管的站点上遭受了许多标头注入和文件上传漏洞的攻击,虽然我们已经解决了与标头注入攻击有关的问题,但我们还没有控制上传漏洞.
The company I work for has recently been hit with many header injection and file upload exploits on the sites we host and while we have fixed the problem with respect to header injection attacks, we have yet to get the upload exploits under control.
我正在尝试设置一个即插即用类型的上传脚本系列以供内部使用,设计人员可以将其复制到他们网站的结构中,修改一些变量,并准备好在他们的网站上上传表格.我们希望尽可能地限制我们的暴露(我们已经关闭了 fopen 和 shell 命令).
I'm trying to set up a plug-and-play-type series of upload scripts to use in-house that a designer can copy into their site's structure, modify a few variables, and have a ready-to-go upload form on their site. We're looking to limit our exposure as much as possible (we've already shut down fopen and shell commands).
我在过去一个小时内搜索了该网站,并找到了许多不同的答案,这些答案涉及依赖外部资源的特定方法.你们都认为什么是最好的纯脚本解决方案,它足够具体以用作可靠的保护方法?另外,如果可能的话,我想将语言限制为 PHP 或伪代码.
I've searched the site for the last hour and found many different answers dealing with specific methods that rely on outside sources. What do you all think is the best script-only solution that is specific enough to use as a reliable method of protection? Also, I'd like to keep the language limited to PHP or pseudo-code if possible.
我找到了我的答案(在下面发布),虽然它确实使用了 shell 命令 exec(),但如果您阻止上传脚本文件(此解决方案确实如此)很好),你不会遇到任何问题.
I've found my answer (posted below) and, while it does make use of the shell command exec(), if you block script files from being uploaded (which this solution does very well), you won't run into any problems.
推荐答案
恕我直言,最好的解决方案是将包含上传文件的目录置于网络"环境之外,并使用脚本使其可下载.这样,即使有人上传了脚本,浏览器调用也无法执行,也不必检查上传文件的类型.
The best solution, IMHO, is to put the directory containing the uploaded files outside of the "web" environment and use a script to make them downloadable. In this way, even if somebody uploads a script it can not be executed by calling it from the browser and you don't have to check the type of the uploaded file.
这篇关于上传文件最安全的方法是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!