1. Allow specific file types – By limiting the list of allowed file types, you can prevent executables, scripts and other potentially malicious content from being uploaded to your application.
2. Verify file types – In addition to restricting the file types, it is important to ensure that no files are masquerading as allowed file types. For instance, if an attacker were to rename an .exe to .docx and your solution relies entirely on the file extension, the file would pass your check as a Word document, which in fact it is not. Therefore, it is important to verify the actual file type, not just the extension, before allowing a file to be uploaded.
3. Authenticate users – To increase security, it is good practice to require users to authenticate themselves before uploading a file. However, that doesn’t guarantee that the user’s machine itself wasn’t compromised.
4. Set a maximum name length and maximum file size – Make sure to set a maximum name length (and restrict the allowed characters if possible) and a maximum file size in order to prevent a potential service outage.
5. Encrypt uploaded files – Always encrypt files on upload and decrypt them when they are accessed from the storage account. This ensures the confidentiality of any sensitive information in the uploaded files.
6. Randomize uploaded file names – Randomly alter the uploaded file names so that attackers cannot access a file using the name they uploaded it with. When using Deep CDR, you can configure the sanitized file to be named with a random identifier (e.g. the analysis data_id).
7. Use cloud storage (AWS S3 / Azure Blob) – The directory to which files are uploaded should not be on the server itself. Instead, use cloud storage (AWS S3 / Azure Blob Storage) in the applicable region, so that a script an attacker uploads cannot be executed on the server.
8. Enable encryption of AWS S3 buckets / Azure Blob storage – AWS S3 buckets and Azure storage accounts should have encryption enabled by default to ensure the confidentiality of data and avoid third-party attacks.
9. Check for vulnerabilities in files – Make sure that you check software and firmware files for known vulnerabilities before they are uploaded.
10. Suppress sensitive information in error messages – When displaying file upload errors, do not include directory paths, server configuration settings, or other information that attackers could potentially use to gain further entry into your systems.
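The following is an added example that is not part of the original checklist and not code from any product mentioned above. It shows how items 1, 2, 3, 4, 6 and 10 fit together in a single upload handler: an extension allowlist, a content check against the file's signature bytes so that a renamed .exe does not pass as .docx, an authentication gate, name and size limits, a random storage name, and error reporting that keeps details in the server log while the client only sees a generic message. The allowlisted types, the limits and the function names are assumptions made for this example; the signature bytes are the standard ones for those formats.

```python
import logging
import secrets

log = logging.getLogger("upload")

# Allowlisted extensions mapped to the file signature (magic bytes) the content must start with.
# The signatures are the standard ones for these formats; which types to allow is an assumption
# made for this example (checklist item 1 and item 2).
ALLOWED_SIGNATURES = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "pdf": (b"%PDF-",),
    # OOXML documents are ZIP containers, so this only proves "is a ZIP"; a stricter check
    # would open the archive and look for [Content_Types].xml.
    "docx": (b"PK\x03\x04",),
}
MAX_NAME_LENGTH = 100            # assumed limit for item 4
MAX_FILE_SIZE = 5 * 1024 * 1024  # assumed 5 MiB limit for item 4
SAFE_NAME_CHARS = frozenset(
    "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789._-"
)


class UploadRejected(Exception):
    """Carries a generic message for the client and a detailed one for the server log (item 10)."""

    def __init__(self, detail: str, public: str = "The file could not be uploaded."):
        super().__init__(public)
        self.public = public
        self.detail = detail


def validate_upload(filename: str, data: bytes, authenticated: bool) -> str:
    """Apply items 1-4 of the checklist and return the verified, lower-cased extension.

    Raises UploadRejected; the caller shows `public` to the user and logs `detail`.
    """
    if not authenticated:                                   # item 3
        raise UploadRejected("unauthenticated upload attempt")
    if not filename or len(filename) > MAX_NAME_LENGTH:     # item 4: name length
        raise UploadRejected(f"name length {len(filename)} exceeds {MAX_NAME_LENGTH}")
    if not set(filename) <= SAFE_NAME_CHARS or filename.startswith("."):
        # item 4: restricted character set; also blocks path separators and dot-files
        raise UploadRejected("name contains disallowed characters")
    if len(data) == 0 or len(data) > MAX_FILE_SIZE:         # item 4: file size
        raise UploadRejected(f"size {len(data)} outside 1..{MAX_FILE_SIZE}")
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if ext not in ALLOWED_SIGNATURES:                       # item 1: allowlist
        raise UploadRejected(f"extension {ext!r} not in allowlist")
    if not any(data.startswith(sig) for sig in ALLOWED_SIGNATURES[ext]):
        # item 2: the content must match the declared type, not just the extension
        raise UploadRejected(f"content does not match declared type {ext!r}")
    return ext


def storage_name(ext: str) -> str:
    """Item 6: a random identifier replaces the user-supplied name; only the verified extension is kept."""
    return f"{secrets.token_hex(16)}.{ext}"


def handle_upload(filename: str, data: bytes, authenticated: bool) -> dict:
    """Return what a web handler would send back: the new object key, or a generic error."""
    try:
        ext = validate_upload(filename, data, authenticated)
    except UploadRejected as e:
        # item 10: the specific reason stays in the server log, never in the response
        log.warning("rejected upload %r: %s", filename, e.detail)
        return {"ok": False, "error": e.public}
    return {"ok": True, "key": storage_name(ext)}


if __name__ == "__main__":
    # Constructed sample inputs: a genuine PDF header and a Windows executable header renamed to .docx.
    print(handle_upload("report.pdf", b"%PDF-1.7\n%constructed sample", authenticated=True))
    print(handle_upload("invoice.docx", b"MZ\x90\x00" + b"\x00" * 60, authenticated=True))
```

The signature check is deliberately the minimum: it stops the renamed-executable case from item 2, but a format-aware parser (or a dedicated scanning step as in item 9) is still needed for formats like OOXML where the leading bytes only identify the container. The returned key is what you would use as the object name in S3 or Blob storage (item 7), so the user-chosen name never reaches the storage layer.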