Does your website allow users to upload files? Learn secure file upload best practices and prevent dangerous vulnerabilities and attacks.
Almost every web application accepts user input, and one of the most common types of input is the file upload. Whether it’s a consumer application where users are uploading photos, or a business application that accepts PDFs and Word documents, file uploads are an essential feature. However, they also open up the site to a host of potential risks and vulnerabilities.
Exploited by a hacker, a file upload vulnerability can open up a site to malware, unauthorized server access, attacks on website visitors, the hosting of illegal files, and much more.
File upload attacks can be grouped into 4 categories. When creating a system that accepts files from users, it’s important to evaluate the risks associated with each category and add security checks to defend against them:
To get a more detailed look into the types of attacks that are possible, this talk by Yahoo security researcher Ebrahim Hegazy goes over 15 common scenarios in exploiting file upload pages:
Now that you know what attacks you are up against, it’s time to start asking questions about your system. Go through the following checklist of questions to identify potential vulnerabilities and prevent malicious uploaders from exploiting your system. The answers will give you insight into the risks that you are currently facing and help you determine the cost of a project to secure any existing vulnerabilities.
After you’ve answered the above questions for your system, or if you are developing a file upload feature from the ground up, there are technical decisions to make, chiefly whether it is better to use an off-the-shelf system to secure file uploads or to build one in-house.
Using an off-the-shelf file upload system can be a fast way to achieve highly secure file uploads with minimal effort. If there are no special storage requirements or legacy systems to migrate, this option can be a great way for organizations to support file uploads by users, especially if development resources are constrained.
These services usually offer enterprise-grade security with features such as antivirus scanning, user access controls, and well-documented and updated libraries in many common languages. Creating a secure file upload system using a third party is as easy as integrating their JavaScript library into the application’s frontend, then using the backend libraries to access the files as the system needs them.
There are many services on the market that are available for developers. The most popular include:
Filestack – Previously Filepicker.io, Filestack was one of the first popular file uploading services. Since then, they’ve added advanced enterprise-level features while still maintaining an accessible free plan.
Transloadit – Transloadit offers an open-source uploader widget that can optionally pair with their paid file hosting and processing services.
Cloudinary – Aimed at publishers whose uploaded content mostly comes from within the organization, Cloudinary offers an image and video upload service that specializes in advanced transformations.
Uploadcare – A more affordable upstart that provides uploads, media processing, and adaptive delivery for web and mobile.
Because a third party is handling the upload, storage, and delivery, the security risks are significantly reduced. Files are no longer saved on your system’s infrastructure and this reduces the chances of a system-wide vulnerability. However, access control to the files and how the files are processed by the system after the upload are still potential risks that must be assessed.
When making the decision to use a third party, there are a couple of important considerations:
The other option is to handle file uploads in-house and build protections against the most common vulnerabilities. Choosing an in-house solution is a good option for organizations that have special requirements for their data that prevent third-party vendors from being used (for example, highly sensitive documents). An in-house solution is also a good option if the file upload system is part of a larger legacy system that would result in a prohibitively expensive migration.
If you do decide to implement the security yourself, these recommendations will help you avoid the 4 types of file upload attacks that were mentioned above:
The tips above cover the basics when it comes to keeping file uploads safe. However, when developing an application that requires high security, it can be worth building in additional protection. The following recommendations go over more advanced techniques for applications that require enterprise-grade security.
Creating a file upload system can be challenging even without having to think of security. However, investments made in creating a secure system prevent costly security breaches that can have a significant impact on an organization’s reputation and bottom line. As a developer, it’s important to identify cost-effective ways to handle file upload security and evaluate the tradeoffs between an in-house and third-party solution. If you are interested in exploring the benefits of using a third party, call us today at 1-888-415-1885 or:
Filestack is a dynamic team dedicated to revolutionizing file uploads and management for web and mobile applications. Our user-friendly API seamlessly integrates with major cloud services, offering developers a reliable and efficient file handling experience.