...

View Full Version : Security concerns on starting a file host



cyphix
11-16-2005, 05:29 PM
Hey guys..... I've been thinking of starting a file hosting site like www.megaupload.com, www.zupload.com etc.... I see these sites pretty much allow any file type... I was wondering if I were to start one what should I be worrying about security wise?

Thanks guys for any input! :D

SteelValor
11-16-2005, 05:38 PM
I would drop this idea like a dirty diaper. The legal ramifications alone are enough to make me squirm.

oracleguy
11-16-2005, 05:58 PM
Actually, the legal ramifications are something to be concerned about but aren't that big. You just need a well written TOS (Terms of Service).

Pretty much though you'd want a server setup that would scan uploaded files for viruses and such.

cyphix
11-16-2005, 06:18 PM
Pretty much though you'd want a server setup that would scan uploaded files for viruses and such.

Yeah.. I thought of that; but what about security issues of people uploading PHP, perl files & any other format that may pose problems?

oracleguy
11-16-2005, 06:22 PM
Well, I don't see how that could really be a problem. But you could probably have the folders that contain user data setup so they can't execute PHP, Perl, CGI, etc.

But it depends on how the service was setup.

cyphix
11-16-2005, 06:31 PM
Ahh yeah..... that's what I was thinking also; probably the best idea. :)

oracleguy
11-16-2005, 06:34 PM
Were you planning to actually like look at what people uploaded to see if it was legal, etc.?

cyphix
11-16-2005, 06:40 PM
Hmmm...... haven't really gone that far into thinking about it yet; I assume it would be pretty hard to look at every file.

oracleguy
11-16-2005, 06:44 PM
Well, you could probably setup some sort of automated system but regardless I'd recommend against it. Because the problem is that once you do it once, you are obligated to, so it'd probably better legal ground to not check what people have uploaded at all. You of course can put in your TOS that illegal material can be removed without warning to the user, etc. though.

cyphix
11-16-2005, 06:56 PM
Yep.. good idea that; thanks for the tips! :)

SteelValor
11-16-2005, 07:55 PM
Actually you are liable wether you know about it or not. I forgot the casename, but I'll try to find it and post it later. :)

armyman
11-16-2005, 08:32 PM
dont allow .exe and .bat ect.. file because of viruses trojans and that stuff.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum