I want to have a folder, let's call it docs, that contains documents that logged-in users can download. These have very sensitive information. How can I best secure the folder? I come from a PHP background so want to know if I have overlooked anything.
I will secure the folder with .htaccess and also when the users click download they are never shown the folder. The download is forced through to them via PHP, removing the folder name.
Of course, to secure the users area I am implementing sanitization and validation on all input fields, plus watching out for SQL injections. Using an SSL connection. Turned off all PHP warnings. The secure area uses SESSION variables to control access and re-verify users for special tasks such as changing passwords. Plus a timeout feature of 10 minutes, after which the user has to re-enter details.
I am trying to be as thorough as possible so any advice no matter how small will be welcomed.
You can utilize "Download Secure File task" to download from the library onto your agent. Yes, the task downloads the file under $(Agent.TempDirectory) on your agent machine and you can use copyFiles task to copy it to your target location, which you can reference in your properties file. Thanks!
HTTPS [also known as HTTP over Transport Layer Security (TLS), HTTP over SSL, or HTTP Secure] is the secure version of HTTP, and it's a widely-used protocol for secure communications online.
In Azure Pipelines, select the Library tab. Select the Secure files tab at the top.
Put the files outside of the webroot. Then, using PHP, pass the file through a script. That way no one can link to the file directly and bypass your controls. (Naturally, make sure the script does this only after verifying the user has permission to retrieve that file.)
Sample PHP:
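<?php
// Load the session so the login flag set at sign-in is available.
session_start();
if (!isset($_SESSION['authenticated'])) {
    exit;
}
// The file lives outside the web root, so it can only be reached through this script.
$file = '/path/to/file/outside/www/secret.pdf';
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($file) . '"');
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
// Discard buffered output (only if a buffer exists) so it cannot corrupt the download.
if (ob_get_level() > 0) {
    ob_clean();
}
flush();
readfile($file);
exit;
?>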
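The sample above serves one fixed file. The following is an added example, not part of the original answer, showing one way to pick the file per request while still checking the user's permission and keeping the resolved path inside the storage folder. The function name `resolve_download`, the per-user allow-list array and the demo file names are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Return the absolute path of $requested if the user may download it and it
 * really lives inside $baseDir; otherwise null. Hypothetical helper.
 */
function resolve_download(string $baseDir, string $requested, array $allowedForUser): ?string
{
    // 1. Authorisation: the name must be on this user's allow-list
    //    (assumed to be loaded per logged-in user, e.g. from a database).
    if (!in_array($requested, $allowedForUser, true)) {
        return null;
    }
    // 2. Containment: resolve ".." and symlinks, then require the result
    //    to be a regular file under the storage directory.
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $requested);
    if ($base === false || $path === false || !is_file($path)) {
        return null;
    }
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo data: a storage folder plus one file that sits outside it.
$store   = sys_get_temp_dir() . '/docs_demo_' . getmypid();
$outside = sys_get_temp_dir() . '/outside_demo_' . getmypid() . '.txt';
@mkdir($store);
file_put_contents($store . '/report.pdf', 'constructed sample');
file_put_contents($store . '/other.pdf', 'constructed sample');
file_put_contents($outside, 'constructed sample');

// The second entry simulates a bad allow-list row that points outside the folder.
$allowed  = ['report.pdf', '../' . basename($outside)];
$requests = ['report.pdf', 'other.pdf', '../../etc/passwd', $allowed[1]];

foreach ($requests as $name) {
    $result = resolve_download($store, $name, $allowed);
    echo str_pad($name, 36), ' => ', $result === null ? 'refused' : 'served', PHP_EOL;
}

// Remove the constructed demo files.
unlink($store . '/report.pdf');
unlink($store . '/other.pdf');
unlink($outside);
rmdir($store);
```

Only `report.pdf` is served: `other.pdf` exists but is not on the user's list, the traversal string is not on the list either, and the bad list entry fails the containment check. In a real handler the returned path would be passed to `readfile()` after the session check and headers shown in the sample above.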