File uploads are essential for user productivity and many business services and applications. For instance, file uploads are an important function for content management systems, healthcare portals, insurance sites, and messaging applications. However, it is important to implement measures to ensure the security of file uploads, since leaving file uploads unrestricted creates an attack vector for malicious actors.

What are the File Upload Risks?

There are three risks when allowing file uploads on your site:

• Overwriting an existing file – If a file is uploaded with the same name and extension as an existing file on the server, this could overwrite the existing file. If the file that was overwritten is a critical file, the new file can potentially be used to launch a server-side attack. This could cause the website to no longer function, or it could change security settings to allow attackers to upload further malicious files.
• Malicious content – If the uploaded file contains an exploit, malware, malicious script or macro, the file could be used to gain control of the server or infect users’ machines.
• Very large file upload – If an extremely large file is uploaded, this could cause a Denial of Service (DDos) attack and bring down the site.

How to Prevent File Upload Attacks

To avoid these types of file upload attacks, we recommend the following ten best practices:

1. Only allow specific file extensions – By using a white list of allowed files, you can avoid executables, scripts and other potentially malicious content from being uploaded to your site.

2. Verify file types – In addition to white listing, it is important to ensure that no files are ‘masking’ as white listed file types. For instance, if an attacker were to rename an .exe to .docx, it would seem like a Word document but in fact is not. Therefore, it is important to verify file types before allowing them to be uploaded. 

3. Scan for malware – All files should be scanned for malware. We recommend multi-scanning files with multiple antimalware engines in order to get the highest detection rate and the shortest window of exposure to malware outbreaks.

4. Remove possible embedded threats – Files such as Microsoft Office, PDF and image files can have embedded threats in scripts and macros, even if these are not detected by anti-malware engines. To make sure that files contain no hidden threats, it is best practice to remove any possible embedded objects by using a feature called content disarm and reconstruction (CDR).

5. Authenticate users – To increase security, it is good practice to require users to authenticate before uploading a file.

6. Set a maximum name length and maximum file size – Make sure to set a maximum name length and file size in order to prevent a Denial of Service attack.

7. Randomize uploaded file names – Randomly alter the uploaded file names so that attackers cannot try to access the file with the file name they uploaded. When using content disarm and reconstruction (CDR) a random suffix is added to the file name.

8. Store uploaded files outside webroot - The directory to which files are uploaded should be outside of the website’s public directory so that the attackers cannot execute the file via a website URL. 

9. Check for vulnerabilities in files – Make sure that you check for vulnerabilities in software and firmware files before they are uploaded.

10. Use simple error messages – When displaying file upload errors, do not include directory paths, server configuration settings or other information that attackers could potentially use.

File Upload Security from OPSWAT 

OPSWAT offers file upload protection with MetaDefender, an advanced threat protection solution that helps prevent malicious file upload attacks using multiple anti-malware engines, content disarm and reconstruction (CDR) and vulnerability assessment. MetaDefender can be deployed via an API or with any ICAP enabled network device such as web application firewalls, load balancers and application delivery controllers.

Want to find out more about how to block malicious file uploads? Read our white paper How to Block Malicious File Uploads with OPSWAT APIs.