myloader is a PHP form for uploading files into your server. It is an easy way to share files with others.
-
Upload myloader directory somewhere to your server.
-
chmod 777 myloader and chmod 777 myloader/uploads to make both directories writeable by apache
-
Edit your Apache/PHP configuration and add the following lines in php.ini ( in ubuntu it is positioned in /etc/php5/apache2/php.ini ) to change the max default size of uploads permitted by php: php_admin_value upload_max_filesize 20M php_admin_value post_max_size 20M
You may choose other sizes if you want.
The files uploaded will be moved to ./uploads/ , in order for your system to remain secure , you will need to configure apache to deny direct access to the folder ./uploads/
The reason for this is because someone can upload a .php file and then run it and effectively gain access to all the files that apache can access..
To overcome this there are two ways!
a)The first is with the .htaccess file that is provided by default in ./uploads/.htaccess , in order for .htaccess files to be acknowledged you will have to add AllowOverride All to the apache configuration of your site , this will deny direct access , to php or executables that can put your system in risk
If your apache has AllowOverride All you won`t need to do anything , it will work out of the box , if not you will need to change it to AllowOverride All
b)Your second option is to manually specify Deny from all and keep your AllowOverride none setting , if you are familiar with apache configuration this is better
In any case to check if your settings are ok open security_test.html from your site
Finally you will need to change configuration.php to make it match your webpage setup!
You are ready to go!
- Bash/SSH/FTP access to chmod the two directories
- PHP5
- Apache2