Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Why should web uploads be stored outside of the document root?

DOCUMENT outside stored uploads web
0
10 Posted

Why should web uploads be stored outside of the document root?

0 CommentsAdd a Comment

1 Answer

0
10

The intent of this stipulation is to prevent someone from directly accessing content that they may have just uploaded. If someone uploads a PHP script to your web server, and your server is configured to store uploads within the main web site directory structure, and your server is configured to execute PHP scripts from within the main web site directory or sub-directories, then the uploader could directly request the URL to the uploaded file and have your server execute their script.

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123