Why PHP File Upload vulnerabilities is a Major Security problem ?
There are lots of Web sites, which using some kind Content Management Systems (CMS), like WordPress, Joomla and etc., where an ability upload content like text, images and so on. There is no nothing bad for this, but there are also a lot of plugins and themes which allow upload to the server almost anything without validation opening the floodgates for server compromise.
PHP File Upload problems
Almost always, there is missing about a something, such as a user validation, Which allow that anyone can use that upload malware to the server. Another method is a server side upload script not check what kind file trying upload or even hacker can bypass validations, because there is poor code for checking what kind file is uploaded to the server.
– No validation at all or what kind file allowed upload to server
– Bypass MIME-type validation
– Blacklisting file extensions
– Double extensions
– Checking an image’s header
– Protecting the upload folder with .htaccess (Bad file permissions, can overwrite and replace content)
These allows attacker upload like webshell to the server and get full access user permission to control server and running there anything what want.
Protecting Server from PHP File upload vulnerabilities
There are tips what you can do protect your server this kind attack’s, but sometimes these are not possible in shared web hosting environments or even if using CMS system’s.
– Disable UPLOAD in PHP.ini file (file_uploads=Off)
– Keep always up-to-date software (Plugins, Themes, etc …)
– Scan Server-Side uploaded content (ClamAV or other virus scanners with Malware signatures)
– Use Web Application Firewall like ModSecurity or Cloudbase WAF services like Sucuri.
Final words
Read more about Malware Expert – ModSecurity rules and protect your web server from PHP File upload vulnerabilities.