12345678910111213141516171819202122232425262728293031 |
- With this tool you provide a remote upload space for everyone.
- Unless you:
- - Keep your secret a secret
- - Do not use it publicly
- - Do not promote it as a new paste platform
- - Change your secret often
- This tool uses PHP fileinfo: https://www.php.net/manual/en/intro.fileinfo.php
- > The functions in this module try to guess the content type and encoding of a file
- > by looking for certain magic byte sequences at specific positions within the file.
- > While this is not a bullet proof approach the heuristics used do a very good job.
- It is not really bulletproof, but it does the job. Everything can be manipulated
- to look alike something it isn't.
- So, here is a friendly REMINDER:
- - Use at own risk.
- - Don't open it up to the public
- - Check regularly what is added
- - Clean everything what you do not know
- - You provide the service by hosting it. Your are responsible for it!
- - Change your secret often
- Make sure DEBUG is false for production.
- Protect the storage location from direct access. Default solved with a .htaccess
- file. Better solution is to move the location outside the webroot.
|