Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Storing files securely - database or filesystem

Posted on 2016-11-01
3
Medium Priority
?
151 Views
Last Modified: 2016-11-03
Hi all,
I have a system in which trusted users can upload files to a systems.
The two appraochies Im considering are either storing the file data in a table as a blob, then having a PHP script put the file back together when its requested, or having them all stored in a non web accessible folder which is then served by a php script.

In terms of performance, Im guessing the web server option is best, but in terms of security which is best?

Thanks
0
Comment
Question by:Stephen Forlance
3 Comments
 
LVL 111

Accepted Solution

by:
Ray Paseur earned 1000 total points
ID: 41868499
If access to the site is adequately protected, either approach is fine with respect to security.  On the web server, you would put the upload directory outside of the WWW root directory tree.  This would make it possible for your PHP scripts to use the directory, but impossible for a client to write a URL that pointed directly to the files.  The only way to get to the files would be through the PHP scripts that implemented your security protections.

If you're thinking of using the database for file storage, I would urge you to rethink that.  The reasons go to performance and backup.  Both of these factors will be greatly impaired by having large blob columns in a database.
0
 
LVL 36

Assisted Solution

by:Loganathan Natarajan
Loganathan Natarajan earned 500 total points
ID: 41869570
Also, you can think to store the files in Cloud based storage like Amazon EC2 or MS Azure where it gives more security and performance to access the files.
0
 
LVL 61

Assisted Solution

by:Julian Hansen
Julian Hansen earned 500 total points
ID: 41869766
I would look at Amazon S3 - which does provide security. DropBox until recently ran off Amazon.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you put your credit card number into a website for an online transaction, surely you know to look for signs of a secure website such as the padlock icon in the web browser or the green address bar.  This is one way to protect yourself from oth…
It’s a season to be thankful, and we’re thankful for users like you who engage on site, solve technology problems, and network with others in the industry. What tech are we most thankful for? Keep reading.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question