Problem description
I am using a GoDaddy web hosting plan on a Windows platform. This was not my choice -- it has to do with a different part of the actual site using ASP.NET (also not my choice).
I have a SQL database with a bunch of entries with some non-sensitive customer information. The primary key on this is an AutoIncrement integer, and I have a series of PDF files that match up with each of those integers (e.g. 555.pdf, 7891.pdf, etc).
My goal is to restrict direct access to these files; I want users to have to go through a search and login process (PHP) first. Originally I planned to put the files above the PUBLIC_HTML folder, but GoDaddy refuses to give me root access without a dedicated server ($20 a month from them).
The next thing I looked into was HTACCESS. I was going to restrict access to the files to only PHP scripts by only allowing access to the Server's IP Address (or localhost/127.0.0.1). Unfortunately this doesn't work because GoDaddy does not run Apache on its Windows servers.
I could put the files into BLOBs in the database, but that gets really messy when I need to work with them quickly (plus I have had some trouble with that approach).
Any suggestions to restrict access to the files only to a PHP script (readfile())?
Recommended answer
由于您不能將文件放在 public_html 目錄之外的任何位置,因此您將不得不采用令人恐懼/討厭的隱匿安全"方法
Since you can't put the files anywhere but in your public_html directory, you'll have to go for the feared/hated "security by obscurity" method.
Create a randomly named sub-directory to store the files in: public_html/RANDOMGARBAGE
Make sure the directory is not browseable. Disable directory browsing (if you can), and put a default document (index.html?) in there as well, so even if browsing is on, you won't get the directory listing.
Don't store your files with guessable names. Instead of storing them with the database ID, store them with a salted+hashed name instead: $crypted_filename = sha1($real_filename . 'some hard-to-guess salt text');
(of course, make this more complex if you need to). Store the original filename in your database. So you end up with something like:
public_html/RANDOMGARBAGE/5bf1fd927dfb8679496a2e6cf00cbe50c1c87145
public_html/RANDOMGARBAGE/7ec1f0eb9119d48eb6a3176ca47380c6496304c8
Serve up the files via a PHP script - never link to the hashed filename directly.
Download (the link text; the anchor points at the PHP script, e.g. ...php?fileID=37)
Then do this:
<?php
// user_is_allowed_to_see_this_file() is your own access check, defined elsewhere;
// $ORIGINAL_FILENAME is the real filename, looked up in your database by $fileID.
$fileID = (int)$_GET['fileID'];
$crypted_file = sha1($fileID . 'some hard-to-guess salt text');
// assumes this script lives in public_html
$full_path = __DIR__ . '/RANDOMGARBAGE/' . $crypted_file;
if (is_readable($full_path)) {
    if (user_is_allowed_to_see_this_file()) {
        // send file to user with readfile()
        header('Content-Type: application/pdf');
        header('Content-Disposition: attachment; filename="' . $ORIGINAL_FILENAME . '"');
        readfile($full_path);
        exit;
    } else {
        die("Permission denied");
    }
} else {
    // handle problems here
    die("Uh-oh. Can't find/read file");
}
This way the user will never see what your "s00per seekrit" filename is; they'll just see their browser hit ...php?fileID=37 and start a download of secret file.pdf.
On top of this, you can occasionally rename the special sub-directory to something else on a regular basis, as well as change the salt text (which then requires you update all the hashed filenames with the new sha1 values).
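The following is an added example, not code from the answer above or from the asker's site. It shows a hardened version of the same download script, going a little beyond the answer: the on-disk name is derived with an HMAC under a secret key instead of sha1(id . salt), the resolved path is checked to lie inside the storage directory, the authorization check is a per-user ownership lookup in the database, and a missing or foreign record gets the same 404 so the response does not reveal which ids exist. The table and column names, the session key, the PDO DSN and the secret are placeholders I have assumed, as is the RANDOMGARBAGE directory living next to the script in public_html.

```php
<?php
// Added example (not the original answer's code). Placeholders: the table
// "documents" with columns id / owner_id / original_filename, the session key
// "user_id", the PDO DSN and credentials, and FILENAME_SECRET.
declare(strict_types=1);

session_start();

// Secret used to derive on-disk names; in practice load it from outside the web root.
const FILENAME_SECRET = 'CHANGE-ME-long-random-secret'; // placeholder

/**
 * Derive the on-disk name from the database id with an HMAC, so the name
 * cannot be recomputed from the id alone without the key.
 */
function storedNameFor(int $fileID): string
{
    return hash_hmac('sha256', (string)$fileID, FILENAME_SECRET);
}

/**
 * Resolve the stored file and verify that it really lies inside $storageDir.
 * Defensive even though $fileID is already an int.
 */
function resolveStoredPath(string $storageDir, int $fileID): ?string
{
    $base = realpath($storageDir);
    $path = realpath($storageDir . DIRECTORY_SEPARATOR . storedNameFor($fileID));
    if ($base === false || $path === false) {
        return null;
    }
    if (strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null; // resolved outside the storage directory
    }
    return is_readable($path) ? $path : null;
}

/**
 * Authorization: the logged-in user may only fetch records they own.
 * Returns the original filename on success, null otherwise.
 */
function authorizedOriginalName(PDO $pdo, int $fileID, int $userID): ?string
{
    $stmt = $pdo->prepare(
        'SELECT original_filename FROM documents WHERE id = :id AND owner_id = :owner'
    );
    $stmt->execute([':id' => $fileID, ':owner' => $userID]);
    $name = $stmt->fetchColumn();
    return $name === false ? null : (string)$name;
}

// ---- request handling ----
if (empty($_SESSION['user_id'])) {
    http_response_code(401);
    exit('Login required');
}
$fileID = filter_input(INPUT_GET, 'fileID', FILTER_VALIDATE_INT);
if ($fileID === false || $fileID === null) {
    http_response_code(400);
    exit('Bad request');
}

// Placeholder DSN and credentials; replace with your hosting plan's database settings.
$pdo = new PDO('sqlsrv:Server=localhost;Database=placeholder', 'user', 'pass');
$original = authorizedOriginalName($pdo, $fileID, (int)$_SESSION['user_id']);
$path = $original === null ? null : resolveStoredPath(__DIR__ . '/RANDOMGARBAGE', $fileID);

if ($path === null) {
    // Same response whether the record is missing, unreadable or not owned:
    // no hint about which ids exist.
    http_response_code(404);
    exit('Not found');
}

// Keep only characters that are safe inside the header value.
$safeName = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($original));
header('Content-Type: application/pdf');
header('Content-Disposition: attachment; filename="' . $safeName . '"');
header('Content-Length: ' . (string)filesize($path));
header('X-Content-Type-Options: nosniff');
readfile($path);
exit;
```

The point that does the real work is the ownership lookup: the random directory name and the hashed filenames only stop casual guessing, while the per-user query is what prevents a logged-in user from fetching another customer's PDF by changing fileID. Because the on-disk name is keyed, rotating FILENAME_SECRET (and renaming the files accordingly) replaces the answer's "change the salt text" step.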