Secure way to store files in web server

This technology allows Amazon to theoretically decrypt and read your files, but still provides a decent amount of protection against many forms of attacks. The next thing you need to know about are your file permissions, also known as ACLs.

The full ACL documentation can be found here. The gist of it is, however, that when you upload files to S3, you can tell Amazon to give your files certain permissions.

Using Amazon ACLs you can create a very fine-grained amount of control over who has access to what files, and for how long: it is an ideal system for building secure applications. A general rule of thumb is to only grant file permissions when absolutely necessary.

When storing user files, keep them namespaced by user IDs in your S3 bucket. This way, you can easily distinguish between user files when looking at them from your storage service alone.

This way you have a single, simple place to reference all of your file data from your user account alone. This will keep them really safe. Finally, be sure to only grant the minimal necessary permissions you need for each file you store. Got questions?

Drop me a line or tweet me! How to Gracefully Store User Files. Only authorized users can answer the question. Please sign in first, or register a free account. Not the answer you're looking for? NET there are some options for this. Barth I developed it in java 7. Begueradj I developed it in java 7. Barth Your editing is helpful to improving the question,i appreciate you help — dimi. Show 3 more comments. Active Oldest Votes.

Useful links with very good answers: How to securely hash passwords? How to store salt? What is the purpose of a Pepper?

Or may be you are hosting your web application on a server on which you are limited in order the number of DBs and tables within a DB you are allowed to create: in that case, you can create a PHP configuration file instead of a text file where you store that information and follow the good practices in such situations such as protecting the folder in which this file is located with an.

Improve this answer. Community Bot 1. When my application starts it read my credential file and establish a connection with database server, all the users credentials are in database table,to establish a connection with database, my application must have a database credentials out side the database — dimi.

Add a comment. I'm already managing user permissions in database but still i have to save database credentials some ware outside the database — dimi. When you move one or more files from your local computer to another device or remote location, you are partaking in the activity of file sharing.

In some scenarios, the recipient will have to accept the file, but typically the transfer will complete automatically. There are a number of factors to keep in mind before you start actively file sharing. Today, however, file sharing is a key function for many businesses and other use cases. Before you can start distributing files over the internet, you need to determine what method and protocol you want to use. Your decision should be based on what types of files you are moving and who will be receiving them.

FTP was one of the first methods invented for moving data across networks and it remains very popular today thanks to its reliability and efficiency. FTP actions can be run through a command prompt window or a tool with a user interface. All it requires is for you to specify the source file you want to move and the destination where it should be placed. The purpose of a P2P file transfer is to remove the need for a central server that hosts the data.

Instead, individual clients connect to a distributed network of peers and complete the file transfers over their own network connections. P2P might eventually be used to create an unstoppable TOR. Whether or not The Onion Router TOR is a truly P2P environment depends on many factors, but its popularity in creating a more secure online connection is unquestioned.

With a cloud file sharing service, one user uploads their data to a central repository and then other users can download the files to their own devices.