How do I create my own server I can upload things to (like google drive) with Ubuntu server [closed]
How do I create my own server I can upload things to (like google drive) with Ubuntu server
Right now I have a server in my basement with Ubuntu 18.04.1 that is running a program called webmin. it is really good, but I would like something more secure and meant more for just uploading files. Does anyone know of a program for Ubuntu server that sort of works like google drive.
Thanks!
ubuntu home-server
closed as off-topic by n8te, Keltari, JakeGould, MaQleod, davidgo Jan 11 at 1:01
This question appears to be off-topic. The users who voted to close gave this specific reason:
- "Questions seeking product, service, or learning material recommendations are off-topic because they become outdated quickly and attract opinion-based answers. Instead, describe your situation and the specific problem you're trying to solve. Share your research. Here are a few suggestions on how to properly ask this type of question." – n8te, MaQleod
If this question can be reworded to fit the rules in the help center, please edit the question.
add a comment |
How do I create my own server I can upload things to (like google drive) with Ubuntu server
Right now I have a server in my basement with Ubuntu 18.04.1 that is running a program called webmin. it is really good, but I would like something more secure and meant more for just uploading files. Does anyone know of a program for Ubuntu server that sort of works like google drive.
Thanks!
ubuntu home-server
closed as off-topic by n8te, Keltari, JakeGould, MaQleod, davidgo Jan 11 at 1:01
This question appears to be off-topic. The users who voted to close gave this specific reason:
- "Questions seeking product, service, or learning material recommendations are off-topic because they become outdated quickly and attract opinion-based answers. Instead, describe your situation and the specific problem you're trying to solve. Share your research. Here are a few suggestions on how to properly ask this type of question." – n8te, MaQleod
If this question can be reworded to fit the rules in the help center, please edit the question.
So you want a gui you can access from the internet to upload files?
– Nordlys Jeger
Jan 10 at 21:53
Yes. Sort of like Webmin, but more met for uploading.
– Christian Azzam
Jan 10 at 22:18
add a comment |
How do I create my own server I can upload things to (like google drive) with Ubuntu server
Right now I have a server in my basement with Ubuntu 18.04.1 that is running a program called webmin. it is really good, but I would like something more secure and meant more for just uploading files. Does anyone know of a program for Ubuntu server that sort of works like google drive.
Thanks!
ubuntu home-server
How do I create my own server I can upload things to (like google drive) with Ubuntu server
Right now I have a server in my basement with Ubuntu 18.04.1 that is running a program called webmin. it is really good, but I would like something more secure and meant more for just uploading files. Does anyone know of a program for Ubuntu server that sort of works like google drive.
Thanks!
ubuntu home-server
ubuntu home-server
asked Jan 10 at 21:41
Christian AzzamChristian Azzam
14
14
closed as off-topic by n8te, Keltari, JakeGould, MaQleod, davidgo Jan 11 at 1:01
This question appears to be off-topic. The users who voted to close gave this specific reason:
- "Questions seeking product, service, or learning material recommendations are off-topic because they become outdated quickly and attract opinion-based answers. Instead, describe your situation and the specific problem you're trying to solve. Share your research. Here are a few suggestions on how to properly ask this type of question." – n8te, MaQleod
If this question can be reworded to fit the rules in the help center, please edit the question.
closed as off-topic by n8te, Keltari, JakeGould, MaQleod, davidgo Jan 11 at 1:01
This question appears to be off-topic. The users who voted to close gave this specific reason:
- "Questions seeking product, service, or learning material recommendations are off-topic because they become outdated quickly and attract opinion-based answers. Instead, describe your situation and the specific problem you're trying to solve. Share your research. Here are a few suggestions on how to properly ask this type of question." – n8te, MaQleod
If this question can be reworded to fit the rules in the help center, please edit the question.
So you want a gui you can access from the internet to upload files?
– Nordlys Jeger
Jan 10 at 21:53
Yes. Sort of like Webmin, but more met for uploading.
– Christian Azzam
Jan 10 at 22:18
add a comment |
So you want a gui you can access from the internet to upload files?
– Nordlys Jeger
Jan 10 at 21:53
Yes. Sort of like Webmin, but more met for uploading.
– Christian Azzam
Jan 10 at 22:18
So you want a gui you can access from the internet to upload files?
– Nordlys Jeger
Jan 10 at 21:53
So you want a gui you can access from the internet to upload files?
– Nordlys Jeger
Jan 10 at 21:53
Yes. Sort of like Webmin, but more met for uploading.
– Christian Azzam
Jan 10 at 22:18
Yes. Sort of like Webmin, but more met for uploading.
– Christian Azzam
Jan 10 at 22:18
add a comment |
1 Answer
1
active
oldest
votes
The first version of this answer linked to an old project that, although very small, turned out to be badly insecure. I'm grateful to @davidgo for looking at the code and pointing out its flaws to me.
Here is an alternative, phpFileManager, "a complete filesystem management tool on a single file". As davidgo points out, it probably has more people looking for potential security flaws. It is also still reasonably short, at 5783 lines of code.
There are also, as mentioned in the comments, larger projects like OwnCloud and Nextcloud. These have many additional features: contact and calendar sharing, photo galleries, and so on. However, they may present a steeper learning curve.
1
Look at Owncloud and Nextcloud for robust host-your-own dropbox like systems.
– davidgo
Jan 11 at 1:02
1
That code is beautifully easy to read, and, if I'm reading the PHP correctly - entirely insecure. Look at index.php and you will see that the code to delete files (line 62), creating folders (line 93, uploading files (line 103) all happen before the user is logged in on 116 - in short, I can easily use it to upload arbitrary files and folders, delete arbitrary files WITHOUT HAVING LOGGED IN. Depending on how its configured I could take probably over the webserver that is running this script. Its not a wonder the owner no longer hosts it.
– davidgo
Jan 11 at 1:46
@davidgo Wow thank you for pointing that out. I checked that I can indeed delete a file without logging in. I wonder if the script was actually designed with the intent of creating security holes, given that the author is somewhat anonymous. On the other hand it can only read, write, and delete stuff which is writable by http. I wonder if it is worth saving, as you point out the code is very elegant.
– Terrestrials
Jan 11 at 16:54
Sorry, I meant "it can only write and delete stuff which is writable by http". I also noticed that I can easily list the contents of my home directory by e.g. appending "?path=../../../". So I think some additional checks have to be done before it could be called secure. If you are interested in helping with that then submit an issue to the Github project, otherwise I will probably delete it, as well as this answer. How embarrassing!
– Terrestrials
Jan 11 at 17:16
I could be wrong don't think it is designed with evil intent. The Internet was a VERY different place 12 years ago. Also, the "most helpful" bugs I would have inserted/designed in - like providing a file list reading files and bypassing auth, are not apparent. It wouldn't be hard to fix these issues, but there are A LOT of similar scripts out there already - just Google PHP file manager. I found sourceforge.net/projects/phpfm/files/phpFileManager which, I suspect has a lot more eyes on it.
– davidgo
Jan 11 at 17:46
|
show 1 more comment
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
The first version of this answer linked to an old project that, although very small, turned out to be badly insecure. I'm grateful to @davidgo for looking at the code and pointing out its flaws to me.
Here is an alternative, phpFileManager, "a complete filesystem management tool on a single file". As davidgo points out, it probably has more people looking for potential security flaws. It is also still reasonably short, at 5783 lines of code.
There are also, as mentioned in the comments, larger projects like OwnCloud and Nextcloud. These have many additional features: contact and calendar sharing, photo galleries, and so on. However, they may present a steeper learning curve.
1
Look at Owncloud and Nextcloud for robust host-your-own dropbox like systems.
– davidgo
Jan 11 at 1:02
1
That code is beautifully easy to read, and, if I'm reading the PHP correctly - entirely insecure. Look at index.php and you will see that the code to delete files (line 62), creating folders (line 93, uploading files (line 103) all happen before the user is logged in on 116 - in short, I can easily use it to upload arbitrary files and folders, delete arbitrary files WITHOUT HAVING LOGGED IN. Depending on how its configured I could take probably over the webserver that is running this script. Its not a wonder the owner no longer hosts it.
– davidgo
Jan 11 at 1:46
@davidgo Wow thank you for pointing that out. I checked that I can indeed delete a file without logging in. I wonder if the script was actually designed with the intent of creating security holes, given that the author is somewhat anonymous. On the other hand it can only read, write, and delete stuff which is writable by http. I wonder if it is worth saving, as you point out the code is very elegant.
– Terrestrials
Jan 11 at 16:54
Sorry, I meant "it can only write and delete stuff which is writable by http". I also noticed that I can easily list the contents of my home directory by e.g. appending "?path=../../../". So I think some additional checks have to be done before it could be called secure. If you are interested in helping with that then submit an issue to the Github project, otherwise I will probably delete it, as well as this answer. How embarrassing!
– Terrestrials
Jan 11 at 17:16
I could be wrong don't think it is designed with evil intent. The Internet was a VERY different place 12 years ago. Also, the "most helpful" bugs I would have inserted/designed in - like providing a file list reading files and bypassing auth, are not apparent. It wouldn't be hard to fix these issues, but there are A LOT of similar scripts out there already - just Google PHP file manager. I found sourceforge.net/projects/phpfm/files/phpFileManager which, I suspect has a lot more eyes on it.
– davidgo
Jan 11 at 17:46
|
show 1 more comment
The first version of this answer linked to an old project that, although very small, turned out to be badly insecure. I'm grateful to @davidgo for looking at the code and pointing out its flaws to me.
Here is an alternative, phpFileManager, "a complete filesystem management tool on a single file". As davidgo points out, it probably has more people looking for potential security flaws. It is also still reasonably short, at 5783 lines of code.
There are also, as mentioned in the comments, larger projects like OwnCloud and Nextcloud. These have many additional features: contact and calendar sharing, photo galleries, and so on. However, they may present a steeper learning curve.
1
Look at Owncloud and Nextcloud for robust host-your-own dropbox like systems.
– davidgo
Jan 11 at 1:02
1
That code is beautifully easy to read, and, if I'm reading the PHP correctly - entirely insecure. Look at index.php and you will see that the code to delete files (line 62), creating folders (line 93, uploading files (line 103) all happen before the user is logged in on 116 - in short, I can easily use it to upload arbitrary files and folders, delete arbitrary files WITHOUT HAVING LOGGED IN. Depending on how its configured I could take probably over the webserver that is running this script. Its not a wonder the owner no longer hosts it.
– davidgo
Jan 11 at 1:46
@davidgo Wow thank you for pointing that out. I checked that I can indeed delete a file without logging in. I wonder if the script was actually designed with the intent of creating security holes, given that the author is somewhat anonymous. On the other hand it can only read, write, and delete stuff which is writable by http. I wonder if it is worth saving, as you point out the code is very elegant.
– Terrestrials
Jan 11 at 16:54
Sorry, I meant "it can only write and delete stuff which is writable by http". I also noticed that I can easily list the contents of my home directory by e.g. appending "?path=../../../". So I think some additional checks have to be done before it could be called secure. If you are interested in helping with that then submit an issue to the Github project, otherwise I will probably delete it, as well as this answer. How embarrassing!
– Terrestrials
Jan 11 at 17:16
I could be wrong don't think it is designed with evil intent. The Internet was a VERY different place 12 years ago. Also, the "most helpful" bugs I would have inserted/designed in - like providing a file list reading files and bypassing auth, are not apparent. It wouldn't be hard to fix these issues, but there are A LOT of similar scripts out there already - just Google PHP file manager. I found sourceforge.net/projects/phpfm/files/phpFileManager which, I suspect has a lot more eyes on it.
– davidgo
Jan 11 at 17:46
|
show 1 more comment
The first version of this answer linked to an old project that, although very small, turned out to be badly insecure. I'm grateful to @davidgo for looking at the code and pointing out its flaws to me.
Here is an alternative, phpFileManager, "a complete filesystem management tool on a single file". As davidgo points out, it probably has more people looking for potential security flaws. It is also still reasonably short, at 5783 lines of code.
There are also, as mentioned in the comments, larger projects like OwnCloud and Nextcloud. These have many additional features: contact and calendar sharing, photo galleries, and so on. However, they may present a steeper learning curve.
The first version of this answer linked to an old project that, although very small, turned out to be badly insecure. I'm grateful to @davidgo for looking at the code and pointing out its flaws to me.
Here is an alternative, phpFileManager, "a complete filesystem management tool on a single file". As davidgo points out, it probably has more people looking for potential security flaws. It is also still reasonably short, at 5783 lines of code.
There are also, as mentioned in the comments, larger projects like OwnCloud and Nextcloud. These have many additional features: contact and calendar sharing, photo galleries, and so on. However, they may present a steeper learning curve.
edited Jan 11 at 18:20
answered Jan 11 at 0:54
TerrestrialsTerrestrials
162
162
1
Look at Owncloud and Nextcloud for robust host-your-own dropbox like systems.
– davidgo
Jan 11 at 1:02
1
That code is beautifully easy to read, and, if I'm reading the PHP correctly - entirely insecure. Look at index.php and you will see that the code to delete files (line 62), creating folders (line 93, uploading files (line 103) all happen before the user is logged in on 116 - in short, I can easily use it to upload arbitrary files and folders, delete arbitrary files WITHOUT HAVING LOGGED IN. Depending on how its configured I could take probably over the webserver that is running this script. Its not a wonder the owner no longer hosts it.
– davidgo
Jan 11 at 1:46
@davidgo Wow thank you for pointing that out. I checked that I can indeed delete a file without logging in. I wonder if the script was actually designed with the intent of creating security holes, given that the author is somewhat anonymous. On the other hand it can only read, write, and delete stuff which is writable by http. I wonder if it is worth saving, as you point out the code is very elegant.
– Terrestrials
Jan 11 at 16:54
Sorry, I meant "it can only write and delete stuff which is writable by http". I also noticed that I can easily list the contents of my home directory by e.g. appending "?path=../../../". So I think some additional checks have to be done before it could be called secure. If you are interested in helping with that then submit an issue to the Github project, otherwise I will probably delete it, as well as this answer. How embarrassing!
– Terrestrials
Jan 11 at 17:16
I could be wrong don't think it is designed with evil intent. The Internet was a VERY different place 12 years ago. Also, the "most helpful" bugs I would have inserted/designed in - like providing a file list reading files and bypassing auth, are not apparent. It wouldn't be hard to fix these issues, but there are A LOT of similar scripts out there already - just Google PHP file manager. I found sourceforge.net/projects/phpfm/files/phpFileManager which, I suspect has a lot more eyes on it.
– davidgo
Jan 11 at 17:46
|
show 1 more comment
1
Look at Owncloud and Nextcloud for robust host-your-own dropbox like systems.
– davidgo
Jan 11 at 1:02
1
That code is beautifully easy to read, and, if I'm reading the PHP correctly - entirely insecure. Look at index.php and you will see that the code to delete files (line 62), creating folders (line 93, uploading files (line 103) all happen before the user is logged in on 116 - in short, I can easily use it to upload arbitrary files and folders, delete arbitrary files WITHOUT HAVING LOGGED IN. Depending on how its configured I could take probably over the webserver that is running this script. Its not a wonder the owner no longer hosts it.
– davidgo
Jan 11 at 1:46
@davidgo Wow thank you for pointing that out. I checked that I can indeed delete a file without logging in. I wonder if the script was actually designed with the intent of creating security holes, given that the author is somewhat anonymous. On the other hand it can only read, write, and delete stuff which is writable by http. I wonder if it is worth saving, as you point out the code is very elegant.
– Terrestrials
Jan 11 at 16:54
Sorry, I meant "it can only write and delete stuff which is writable by http". I also noticed that I can easily list the contents of my home directory by e.g. appending "?path=../../../". So I think some additional checks have to be done before it could be called secure. If you are interested in helping with that then submit an issue to the Github project, otherwise I will probably delete it, as well as this answer. How embarrassing!
– Terrestrials
Jan 11 at 17:16
I could be wrong don't think it is designed with evil intent. The Internet was a VERY different place 12 years ago. Also, the "most helpful" bugs I would have inserted/designed in - like providing a file list reading files and bypassing auth, are not apparent. It wouldn't be hard to fix these issues, but there are A LOT of similar scripts out there already - just Google PHP file manager. I found sourceforge.net/projects/phpfm/files/phpFileManager which, I suspect has a lot more eyes on it.
– davidgo
Jan 11 at 17:46
1
1
Look at Owncloud and Nextcloud for robust host-your-own dropbox like systems.
– davidgo
Jan 11 at 1:02
Look at Owncloud and Nextcloud for robust host-your-own dropbox like systems.
– davidgo
Jan 11 at 1:02
1
1
That code is beautifully easy to read, and, if I'm reading the PHP correctly - entirely insecure. Look at index.php and you will see that the code to delete files (line 62), creating folders (line 93, uploading files (line 103) all happen before the user is logged in on 116 - in short, I can easily use it to upload arbitrary files and folders, delete arbitrary files WITHOUT HAVING LOGGED IN. Depending on how its configured I could take probably over the webserver that is running this script. Its not a wonder the owner no longer hosts it.
– davidgo
Jan 11 at 1:46
That code is beautifully easy to read, and, if I'm reading the PHP correctly - entirely insecure. Look at index.php and you will see that the code to delete files (line 62), creating folders (line 93, uploading files (line 103) all happen before the user is logged in on 116 - in short, I can easily use it to upload arbitrary files and folders, delete arbitrary files WITHOUT HAVING LOGGED IN. Depending on how its configured I could take probably over the webserver that is running this script. Its not a wonder the owner no longer hosts it.
– davidgo
Jan 11 at 1:46
@davidgo Wow thank you for pointing that out. I checked that I can indeed delete a file without logging in. I wonder if the script was actually designed with the intent of creating security holes, given that the author is somewhat anonymous. On the other hand it can only read, write, and delete stuff which is writable by http. I wonder if it is worth saving, as you point out the code is very elegant.
– Terrestrials
Jan 11 at 16:54
@davidgo Wow thank you for pointing that out. I checked that I can indeed delete a file without logging in. I wonder if the script was actually designed with the intent of creating security holes, given that the author is somewhat anonymous. On the other hand it can only read, write, and delete stuff which is writable by http. I wonder if it is worth saving, as you point out the code is very elegant.
– Terrestrials
Jan 11 at 16:54
Sorry, I meant "it can only write and delete stuff which is writable by http". I also noticed that I can easily list the contents of my home directory by e.g. appending "?path=../../../". So I think some additional checks have to be done before it could be called secure. If you are interested in helping with that then submit an issue to the Github project, otherwise I will probably delete it, as well as this answer. How embarrassing!
– Terrestrials
Jan 11 at 17:16
Sorry, I meant "it can only write and delete stuff which is writable by http". I also noticed that I can easily list the contents of my home directory by e.g. appending "?path=../../../". So I think some additional checks have to be done before it could be called secure. If you are interested in helping with that then submit an issue to the Github project, otherwise I will probably delete it, as well as this answer. How embarrassing!
– Terrestrials
Jan 11 at 17:16
I could be wrong don't think it is designed with evil intent. The Internet was a VERY different place 12 years ago. Also, the "most helpful" bugs I would have inserted/designed in - like providing a file list reading files and bypassing auth, are not apparent. It wouldn't be hard to fix these issues, but there are A LOT of similar scripts out there already - just Google PHP file manager. I found sourceforge.net/projects/phpfm/files/phpFileManager which, I suspect has a lot more eyes on it.
– davidgo
Jan 11 at 17:46
I could be wrong don't think it is designed with evil intent. The Internet was a VERY different place 12 years ago. Also, the "most helpful" bugs I would have inserted/designed in - like providing a file list reading files and bypassing auth, are not apparent. It wouldn't be hard to fix these issues, but there are A LOT of similar scripts out there already - just Google PHP file manager. I found sourceforge.net/projects/phpfm/files/phpFileManager which, I suspect has a lot more eyes on it.
– davidgo
Jan 11 at 17:46
|
show 1 more comment
So you want a gui you can access from the internet to upload files?
– Nordlys Jeger
Jan 10 at 21:53
Yes. Sort of like Webmin, but more met for uploading.
– Christian Azzam
Jan 10 at 22:18