Can my users upload a file?


#1

Hi. Ive recently moved over to Dreamhost from a vanishing webhost (really long story, let this be a lesson in backup). So far I’ve been very happy with the service.

Sometimes users on the website I run would like to send me a file that’s site-related. Sometimes email isn’t always optimal for this and third-party uploading sites can be a bit of a pain.

Anyways, I was thinking about putting a password-protected upload form on the site. I give the users who want to upload a file the password and they go in and upload it and I take it out with FTP.

I don’t personally see this getting me kicked out but Id just like to double-check. Thanks.

By the way, sorry for any typos. I bumped my head a year and a half ago. Im most recovered but right now I a bit of a headache.


#2

That is no problem, I do it myself with a plugin within WordPress.
The most important thing is that the user/uploader does not know where the file goes, because if it is an .exe or .php or many of the other “dangerous” files, they could “activate” the file and cause virusses or other problem. Not only on your website, but for the whole server you are on.
Just a password protection of course help for security, but not all “members” are real and passwords can be hacked.

You can with dreamhost setup a different user whoes files go in a seperate dir outside of any domain.

So depending on what upload form/plugin you use and the amount of security put in place, it is no problem.
Before I did it I contacted support about it and they where very helpful.


#3

Thank you.

I have the form set so they can only upload certain filetypes and executables arent one of those. Now to change the permissions… That will be fun, especially since I have a tendency to accidentally break things with CLIs.