Web application to upload files.

wd40

Hi All,

I am looking for a web application that will allow me to easily upload files to my Linux based site.

I thought about installing a forum and posting new threads and attach files but I am sure there is a simpler way to do this.

I asked on godaddy's forum and got a reply warning me about data storage and security policies.

The application will only be used by me for my personal use and not for file sharing.

Thanks

dynamik

Do they need to be displayed/organized? You could just use a simple web form: php file upload form - Google Search

WordPress, Joomla, Drupal, etc. might work for you as well. Depends on your needs...

wd40

PHP will not work, I need something that can be easily locked and can not be crawled by the various search engines.

I have Joomla installed but to upload files I will need to log in to administrator mode and I don't want to do that .. I am too lazy .

Welcome to the Frontpage

tiersten

Password protect the directory if your web host allows that. If you're too lazy to do that then pick a really unlikely to be guessed directory and take the risk that something somewhere will index it.

You could make something in PHP or whatever your favourite language is fairly easily if you can't find a prebuilt package that does this already.

You need to check with your webhost to see whether you're allowed to do this though. I know Dreamhost started getting annoyed with people using their "unlimited" storage space as backup space and added it to the T&Cs forbidding you from doing this. Their solution was to give you 50GB of backup space but it wouldn't actually be backed up by them...

dynamik

tiersten wrote: »

Password protect the directory if your web host allows that. If you're too lazy to do that then pick a really unlikely to be guessed directory and take the risk that something somewhere will index it.

And be sure to specify the directory in your robots.txt file. It'll prevent the search engines from indexing your content, and it'll save an attacker time by telling them exactly where the good stuff is located

tiersten

dynamik wrote: »

And be sure to specify the directory in your robots.txt file. It'll prevent the search engines from indexing your content, and it'll save an attacker time by telling them exactly where the good stuff is located

LOL yup! It is a big sign saying SECRET STUFF HERE! Its always funny when people do that and then get surprised when you go straight for their "hidden" portion of the site.

I've noticed that there are quite a few bots that read robots.txt and ignore the exclusions. The bots from companies that are attempting to detect copyright issues or plagarism in school/university work tend to be in this category.

wd40

It will be basically used to upload some excel and word files, I have a whooping 1 MB /256 KB link with a 6 GB CAB, so my backups will remain on my trusted offline external drives for now.

If I can not find a ready made package I will use the administrator mode in Joomla, I don't want to go through learning php for now and risk my site being hacked because I copied some code into my site.

tiersten

wd40 wrote: »

If I can not find a ready made package I will use the administrator mode in Joomla, I don't want to go through learning php for now and risk my site being hacked because I copied some code into my site.

You're assuming that Joomla itself doesn't have any security holes...

If you're just uploading from a fixed set of computers then just use FTP or whatever it is that your webhost provides for you to upload files. Nothing needs to be installed then.

wd40

I use fireFTP at home but can not use ftp at work ..

again, I need "actually it would be nice to have" an easy application.

About joomla, It does not need to be super secure, I am not saving password lists or private data on there ...

dynamik

What exactly are you trying to accomplish?

tiersten

wd40 wrote: »

I use fireFTP at home but can not use ftp at work ..

I'm curious as to what you're transferring now...

wd40 wrote: »

About joomla, It does not need to be super secure, I am not saving password lists or private data on there ...

I don't mean security holes as in exposing private data. I'm more hinting at the security holes which allow attackers to alter your data and install their own software.

wd40

dynamik wrote: »

What exactly are you trying to accomplish?

It is simple, I have some files related to my certification and university study, sometimes I want to access them from work.

I can't VPN to my home PC either for the same reason I can't use ftp at work.

I am not trying to "steal" any work related data .

wd40

tiersten wrote: »

I'm curious as to what you're transferring now...

I don't mean security holes as in exposing private data. I'm more hinting at the security holes which allow attackers to alter your data and install their own software.

Not transferring any thing now ...

Basically my site does not worth that much, accessing it will get you a 404 page, if you know the directory which has joomla installed you will see nothing "every thing is or will be disabled soon, except for the log-in menu".

some years back it was hacked through a shout box that did not need to be there by some script kids, so now I want it to be basic "like windows server 2008 core" to minimize the surface of attack.

tiersten

wd40 wrote: »

It is simple, I have some files related to my certification and university study, sometimes I want to access them from work.

I can't VPN to my home PC either for the same reason I can't use ftp at work.

I am not trying to "steal" any work related data .

If you never upload anything at work then you can just upload via FTP at home. At work you just download via HTTP like normal.

tiersten

wd40 wrote: »

Basically my site does not worth that much, accessing it will get you a 404 page, if you know the directory which has joomla installed you will see nothing "every thing is or will be disabled soon, except for the log-in menu".

some years back it was hacked through a shout box that did not need to be there by some script kids, so now I want it to be basic "like windows server 2008 core" to minimize the surface of attack.

If you install any complex package like Joomla then you also have to continually keep up to date with new versions or fixes. Its not just install and then never touch it again.

wd40

tiersten wrote: »

If you never upload anything at work then you can just upload via FTP at home. At work you just download via HTTP like normal.

What about the search engine crawlers?

I know about the continuous updates needs, I get a warning when an update is needed and just need to click confirm and install .

If all attempts fail I will give up, take your advise and look for some php code snippets and make something simple.

dynamik

wd40 wrote: »

It is simple, I have some files related to my certification and university study, sometimes I want to access them from work.

I just use gmail and google docs for things like this.

tiersten

wd40 wrote: »

What about the search engine crawlers?

Set a password on the directory like we said earlier in this thread...

wd40

dynamik wrote: »

I just use gmail and google docs for things like this.

I am not a fan of the cloud + I am paying for hosting plan and I am going to use it, even if there are more convenient ways

wd40

tiersten wrote: »

Set a password on the directory like we said earlier in this thread...

I just did that, godaddy provides a simple way of doing this, select the folder and password protect .

Thanks tiersten and dynamik

dynamik

wd40 wrote: »

I am not a fan of the cloud + I am paying for hosting plan and I am going to use it, even if there are more convenient ways

I have an OpenBSD VPS ($10/mo) running SSH on port 443. It's my private cloud; the possibilities are endless

wd40

dynamik wrote: »

I have an OpenBSD VPS ($10/mo) running SSH on port 443. It's my private cloud; the possibilities are endless

With TechNet Plus + University fees + Certification costs I just cant afford the extra 80$ per year to get this .

NightShade03

It's also worth noting that you could have done the PHP solution with a very quick Google. It's 20 lines or less to have a simple page that uploads anything you'd like, which can't be crawled if the directory is locked or the page is password protected through a .htaccess file.

wd40

NightShade03 wrote: »

It's also worth noting that you could have done the PHP solution with a very quick Google. It's 20 lines or less to have a simple page that uploads anything you'd like, which can't be crawled if the directory is locked or the page is password protected through a .htaccess file.

Done, Found a script that will do that + more

PHP Directory Listing Script - Evoluted New Media

now I need to modify it to allow deletions.

tiersten

wd40 wrote: »

Done, Found a script that will do that + more

Make sure to keep that directory well hidden and protected.

One thing you may have an issue with is that PHP has a configuration setting which defines the largest file you can upload. If you want to upload something larger than this then you'll need to do it via FTP or some alternative file transfer mechanism.

NightShade03

tiersten wrote: »

Make sure to keep that directory well hidden and protected.

One thing you may have an issue with is that PHP has a configuration setting which defines the largest file you can upload. If you want to upload something larger than this then you'll need to do it via FTP or some alternative file transfer mechanism.

You can change the max upload size in the php.ini file...although a) I'm sure you knew this and b) you really should pass 50MB files through a web upload form either