Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Storing files securely - database or filesystem

Posted on 2016-11-01
3
Medium Priority
?
144 Views
Last Modified: 2016-11-03
Hi all,
I have a system in which trusted users can upload files to a systems.
The two appraochies Im considering are either storing the file data in a table as a blob, then having a PHP script put the file back together when its requested, or having them all stored in a non web accessible folder which is then served by a php script.

In terms of performance, Im guessing the web server option is best, but in terms of security which is best?

Thanks
0
Comment
Question by:Stephen Forlance
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 111

Accepted Solution

by:
Ray Paseur earned 1000 total points
ID: 41868499
If access to the site is adequately protected, either approach is fine with respect to security.  On the web server, you would put the upload directory outside of the WWW root directory tree.  This would make it possible for your PHP scripts to use the directory, but impossible for a client to write a URL that pointed directly to the files.  The only way to get to the files would be through the PHP scripts that implemented your security protections.

If you're thinking of using the database for file storage, I would urge you to rethink that.  The reasons go to performance and backup.  Both of these factors will be greatly impaired by having large blob columns in a database.
0
 
LVL 36

Assisted Solution

by:Loganathan Natarajan
Loganathan Natarajan earned 500 total points
ID: 41869570
Also, you can think to store the files in Cloud based storage like Amazon EC2 or MS Azure where it gives more security and performance to access the files.
0
 
LVL 59

Assisted Solution

by:Julian Hansen
Julian Hansen earned 500 total points
ID: 41869766
I would look at Amazon S3 - which does provide security. DropBox until recently ran off Amazon.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
The viewer will learn how to count occurrences of each item in an array.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question