I’m developing a website for uploading and encrypting files.
If someone were to upload a malicious file, would removing/renaming the file extension prevent any harm to my server?
Thanks.
I’m developing a website for uploading and encrypting files.
If someone were to upload a malicious file, would removing/renaming the file extension prevent any harm to my server?
Thanks.
If you have a program to run unknown files, then no.
If you have a program that runs any file as a specific file (runs .scr files as .exe) then no.
If it is a website for uploading and encrypting files, do you ever have to “open” or “execute” the file?
Hi,
No, the files are never executed on the server, only stored. They’re also uploaded in chunks.
Then I would imagine that the files can never harm your server unless executed. To be safe, you can rename the files. Is there any advantage to keeping the original name?