Page 1 of 1

Uploaded File Security (SSL HTTPS)

PostPosted: 23.04.2015, 13:01
by Serkol
Oh sorry sorry... its working now!! All I changed was the initfunctions.php to use HTTPS instead of lower case https.

Must have just taken time for the DNS to fix itself.

Anyway I still have one remaining question...

How secure are the uploaded files?

I am looking to upload quite important business documents into this site... are they safe? Is there any way to improve the safety?

Look forward to any help

Thank you :)

Re: Uploaded File Security (SSL HTTPS)

PostPosted: 23.04.2015, 13:23
by Serkol
I am forcing HTTPS over the entire site with the following code in my .htaccess

Code: Select all
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://jobs.ccdact.com.au/$1 [R,L]



I have also found that you an access to uploads section (index) from a web browser... I am blocking the index with the following code in my .htaccess

Code: Select all
Options -Indexes