Denial of service is when attackers prevent other users from connecting to a web server, usually by overwhelming the server with more requests than the server can handle.
- File upload abuse is when an attacker abuses public file upload features of a website. It's common for web applications to allow users to upload files. These are a few common examples when a web application might encourage users to send in images, video or other files. There are many ways that file upload features can be abused. The most common types of abuse are uploading files which are too numerous, too large or too frequent. Too many files or files which are too large can use up all of a server's storage space. Files sent too frequently can slow down server processing or monopolize server connections potentially even leading to a denial of service. Another potential abuse is users uploading the wrong content type, for example, the application expects an image, but the user uploads a movie instead. Malware represents the most serious form of file upload abuse. Malware may pretend to be a different file type in order to avoid raising suspicion. It can even be embedded in images, PDF files or other media assets. An attacker may upload malware and then use other techniques to move it to another location or to launch it. Malware can be designed for many different goals. Span, spyware, and bypassing server access controls are just a few examples. Ransomware has been on the rise in recent years and has become a major threat. More ransomware encrypts all files and then demands a ransom to learn how to decrypt them again. The best way to prevent file upload abuse is to require users to log in before they can upload files. Don't allow any anonymous uploads. It won't prevent a determined attacker but at least their account will identify them and allow their access to be revoked. Don't make user-uploaded files available for public download or your site could distribute malware to others. Instead, store uploaded files in directories which are not readable by the public. If they need to become public, then scan them for viruses and have a human review them first. Validations can help prevent abuse. The content type or MIME type of a file can be checked against a list of allowed types. The file extension can be validated against a list of allowed extensions. If you need to be extra cautious, you can check the first few lines of the file which often includes information that identifies the file type. The file size can also be validated to ensure that it's less than the maximum size. Many web servers and languages have configurations for the maximum file size allowed. Using large hard drives or cloud servers for storage can help to ensure that there's always adequate drive space available. Email or text warnings could notify administrators when disk space is running low. Frequent file uploads can be limited or throttled either by the server, by the web application or by a firewall. Finally, servers can be scanned with antivirus software to look for any malware that might have made it through the other defenses. Compared to other attacks, file upload abuse is relatively rare but it is worth considering how it would impact you and installing protections to prevent it.
- Threat models
- Least privilege
- Defense in depth
- Validating and sanitizing input
- Credential attacks
- SQL injection
- Cross-site scripting