File Upload Security Best Practices


Image source: Pixabay

Nowadays, any website requires constant new information to remain relevant and attract visitors. That means periodically uploading new content files. If a web administrator is going to upload manually every single file, there would not be a lot of new content around. 

Therefore, more websites upload their content using a process known as automatic file uploading. This tool uses code to upload new files to a site without human intervention, increasing the efficiency in keeping websites up to date. However, it opens a new gate for attackers to penetrate systems and steal their information, as they can introduce malicious code to the system and steal information. This article will cover popular automatic file uploaders, different types of attacks and best practices to prevent them.

Characteristics of a Tool for Automatic Upload

First, let’s review a few features you should look when choosing tools for automating your uploads. There are several solutions around, some open source, some enterprise level. The best file uploading software however, should have the following characteristics:

  • Processes different types of uploads—simple, multipart and resumable.
  • Supports multiple coding languages—such as HTML, JavaScript and PHP.
  • Uploads directly to a server—without involving a third-party browser
  • Supports uploading multiple files—working with many different libraries for file uploading, or multiple file uploads from a single source. 
  • Has a progress bar—to track the uploading of the file

What Are the Risks of File Uploading? 

However convenient, automatic uploading can present security risks. Moreover, it is increasingly common for websites to allow users to upload their own files, such as videos and images for social media websites. 

A non-secure file uploading method can leave open a gate for attackers to exploit, introducing malicious content on the system. Here are the most common risks:

  • Not using validation or restrictions on the types of files— available for upload is a common vulnerability. That means, if an user can upload any type of file to the server, an attacker with access to the site can upload a malicious file, attacking the server. 
  • Relying mostly on MIME-type validation—nowadays, attackers can bypass this security barrier so you should set a layered security approach 
  • Blacklisting file extensions—this keeps track of potentially malicious extensions. However, as this method cannot list all possible malicious extensions, it is not so efficient, and may let some threats pass. 

Types of Vulnerabilities

File upload attack is a term that has caused a lot of buzz lately in the Internet and it refers basically to an attack in which a malicious file is introduced by deception techniques, tricking the system into upload it. The malicious file is then used by attackers to cause different kinds of damage to the system. In reality, there are several types of file upload attacks, the most common being:

  • File metadata attack—the filename and extension can make an application into copying the file into another location, overwriting an important file. 
  • File size attacks—attackers can use a botnet to upload simultaneously very large or a very large amount of files, overloading the application server. 
  • File content attacks—in this case, the content of the file is used to modify the application. For example, an executed malware can hide a key giving an attacker access to the system.
  • File access attack—the attacker modifies access rules around uploaded files, for example, leaking sensitive data to the public 
  • Remote file upload— an application makes use of a user input  to fetch a remote file from a site on the Internet and store it on the local server. Next, the file is controlled and executed by an attacker.
  • Local file upload—an application lets a user upload a malicious file directly to the server. Next, the file is executed by an attacker. 
  • Arbitrary file upload—this happens in web applications if the system does not check or filter the file type uploads. The danger of these vulnerabilities is that the attacker can upload a malicious file, or script and execute it.

Best Practices to Prevent Security Incidents

First, to avoid headaches, the best way to achieve fast and secure file uploads is to use a third party file upload system. This option can be a way for websites to support secure file uploads by users. 

There are a number of services offering enterprise-grade security, which include, user access controls, and antivirus/antimalware scanning. Such services support most common languages, and sometimes, creating a secure file upload system only requires to integrate their JavaScript library into the frontend. Afterward, you only require to use the backend libraries to access the files. 

Second, you can always try the DIY method. As attackers are always looking for gaps and vulnerabilities to exploit, organizations implement security best practices to prevent attacks. Some methods that help avoid file upload attacks include:

  • Restricting file extensions—only allowing file extensions deemed harmless.Thus, you can avoid executables, for example.  
  • Restricting access—allowing only specific users to upload files. This does not work with sites that rely heavily on user content, such as forums, or social media sites. 
  • Not serving files directly from the server—using an application server instead. 
  • Verifying file types—it is important to ensure that no files are hiding as harmless file types. For example, an attacker can rename a .exe to .docx., “passing” for a Word document. 
  • Using an anti-malware solution—even better would be to use multiple antimalware engines to be able to detect threats, with the shortest window of exposure to malware. 
  • Removing embedded threats—MS Office files, images and PDFs can have embedded threats in macros, that can bypass anti-malware engines. Remove any possible embedded objects. 
  • Authenticate users—using multifactor authentication before uploading a file.
  • Setting a limit to the file size—allowing to upload a file up to certain size can prevent a Denial of Service Attack. 
  • Randomize uploaded file names—You can alter randomly the names of the uploaded files, thus preventing attackers to identify and access the target file. 
  • Storing the files outside the website directory—can prevent the attackers executing a malicious file via a website URL. 
  • Simplify error messages—sometimes, directory paths or server configuration settings are used when sending an error message, in order to give more information to the user. However, this can also give information that a potential attacker can use. 

Conclusion

Automatic file uploading is helping users and organizations to keep up with the massive amount of data generated daily on the web. While the popularity of social media stems from the ability of users to upload and actually generate the content, this presents many risks from malicious users that can exploit this same freedom. However, using best practices as described above, can place a strong line of defense against attackers and malicious uploads.

Author Bio

Gilad David Maayan is a technology writer who has worked with over 150 technology companies including SAP, Samsung NEXT, NetApp and Imperva, producing technical and thought leadership content that elucidates technical solutions for developers and IT leadership.