How do I create my own server I can upload things to (like google drive) with Ubuntu server [closed]












-2















How do I create my own server I can upload things to (like google drive) with Ubuntu server



Right now I have a server in my basement with Ubuntu 18.04.1 that is running a program called webmin. it is really good, but I would like something more secure and meant more for just uploading files. Does anyone know of a program for Ubuntu server that sort of works like google drive.



Thanks!










share|improve this question













closed as off-topic by n8te, Keltari, JakeGould, MaQleod, davidgo Jan 11 at 1:01


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "Questions seeking product, service, or learning material recommendations are off-topic because they become outdated quickly and attract opinion-based answers. Instead, describe your situation and the specific problem you're trying to solve. Share your research. Here are a few suggestions on how to properly ask this type of question." – n8te, MaQleod

If this question can be reworded to fit the rules in the help center, please edit the question.

















  • So you want a gui you can access from the internet to upload files?

    – Nordlys Jeger
    Jan 10 at 21:53











  • Yes. Sort of like Webmin, but more met for uploading.

    – Christian Azzam
    Jan 10 at 22:18


















-2















How do I create my own server I can upload things to (like google drive) with Ubuntu server



Right now I have a server in my basement with Ubuntu 18.04.1 that is running a program called webmin. it is really good, but I would like something more secure and meant more for just uploading files. Does anyone know of a program for Ubuntu server that sort of works like google drive.



Thanks!










share|improve this question













closed as off-topic by n8te, Keltari, JakeGould, MaQleod, davidgo Jan 11 at 1:01


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "Questions seeking product, service, or learning material recommendations are off-topic because they become outdated quickly and attract opinion-based answers. Instead, describe your situation and the specific problem you're trying to solve. Share your research. Here are a few suggestions on how to properly ask this type of question." – n8te, MaQleod

If this question can be reworded to fit the rules in the help center, please edit the question.

















  • So you want a gui you can access from the internet to upload files?

    – Nordlys Jeger
    Jan 10 at 21:53











  • Yes. Sort of like Webmin, but more met for uploading.

    – Christian Azzam
    Jan 10 at 22:18
















-2












-2








-2








How do I create my own server I can upload things to (like google drive) with Ubuntu server



Right now I have a server in my basement with Ubuntu 18.04.1 that is running a program called webmin. it is really good, but I would like something more secure and meant more for just uploading files. Does anyone know of a program for Ubuntu server that sort of works like google drive.



Thanks!










share|improve this question














How do I create my own server I can upload things to (like google drive) with Ubuntu server



Right now I have a server in my basement with Ubuntu 18.04.1 that is running a program called webmin. it is really good, but I would like something more secure and meant more for just uploading files. Does anyone know of a program for Ubuntu server that sort of works like google drive.



Thanks!







ubuntu home-server






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Jan 10 at 21:41









Christian AzzamChristian Azzam

14




14




closed as off-topic by n8te, Keltari, JakeGould, MaQleod, davidgo Jan 11 at 1:01


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "Questions seeking product, service, or learning material recommendations are off-topic because they become outdated quickly and attract opinion-based answers. Instead, describe your situation and the specific problem you're trying to solve. Share your research. Here are a few suggestions on how to properly ask this type of question." – n8te, MaQleod

If this question can be reworded to fit the rules in the help center, please edit the question.







closed as off-topic by n8te, Keltari, JakeGould, MaQleod, davidgo Jan 11 at 1:01


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "Questions seeking product, service, or learning material recommendations are off-topic because they become outdated quickly and attract opinion-based answers. Instead, describe your situation and the specific problem you're trying to solve. Share your research. Here are a few suggestions on how to properly ask this type of question." – n8te, MaQleod

If this question can be reworded to fit the rules in the help center, please edit the question.













  • So you want a gui you can access from the internet to upload files?

    – Nordlys Jeger
    Jan 10 at 21:53











  • Yes. Sort of like Webmin, but more met for uploading.

    – Christian Azzam
    Jan 10 at 22:18





















  • So you want a gui you can access from the internet to upload files?

    – Nordlys Jeger
    Jan 10 at 21:53











  • Yes. Sort of like Webmin, but more met for uploading.

    – Christian Azzam
    Jan 10 at 22:18



















So you want a gui you can access from the internet to upload files?

– Nordlys Jeger
Jan 10 at 21:53





So you want a gui you can access from the internet to upload files?

– Nordlys Jeger
Jan 10 at 21:53













Yes. Sort of like Webmin, but more met for uploading.

– Christian Azzam
Jan 10 at 22:18







Yes. Sort of like Webmin, but more met for uploading.

– Christian Azzam
Jan 10 at 22:18












1 Answer
1






active

oldest

votes


















0














The first version of this answer linked to an old project that, although very small, turned out to be badly insecure. I'm grateful to @davidgo for looking at the code and pointing out its flaws to me.



Here is an alternative, phpFileManager, "a complete filesystem management tool on a single file". As davidgo points out, it probably has more people looking for potential security flaws. It is also still reasonably short, at 5783 lines of code.



There are also, as mentioned in the comments, larger projects like OwnCloud and Nextcloud. These have many additional features: contact and calendar sharing, photo galleries, and so on. However, they may present a steeper learning curve.






share|improve this answer





















  • 1





    Look at Owncloud and Nextcloud for robust host-your-own dropbox like systems.

    – davidgo
    Jan 11 at 1:02






  • 1





    That code is beautifully easy to read, and, if I'm reading the PHP correctly - entirely insecure. Look at index.php and you will see that the code to delete files (line 62), creating folders (line 93, uploading files (line 103) all happen before the user is logged in on 116 - in short, I can easily use it to upload arbitrary files and folders, delete arbitrary files WITHOUT HAVING LOGGED IN. Depending on how its configured I could take probably over the webserver that is running this script. Its not a wonder the owner no longer hosts it.

    – davidgo
    Jan 11 at 1:46











  • @davidgo Wow thank you for pointing that out. I checked that I can indeed delete a file without logging in. I wonder if the script was actually designed with the intent of creating security holes, given that the author is somewhat anonymous. On the other hand it can only read, write, and delete stuff which is writable by http. I wonder if it is worth saving, as you point out the code is very elegant.

    – Terrestrials
    Jan 11 at 16:54











  • Sorry, I meant "it can only write and delete stuff which is writable by http". I also noticed that I can easily list the contents of my home directory by e.g. appending "?path=../../../". So I think some additional checks have to be done before it could be called secure. If you are interested in helping with that then submit an issue to the Github project, otherwise I will probably delete it, as well as this answer. How embarrassing!

    – Terrestrials
    Jan 11 at 17:16











  • I could be wrong don't think it is designed with evil intent. The Internet was a VERY different place 12 years ago. Also, the "most helpful" bugs I would have inserted/designed in - like providing a file list reading files and bypassing auth, are not apparent. It wouldn't be hard to fix these issues, but there are A LOT of similar scripts out there already - just Google PHP file manager. I found sourceforge.net/projects/phpfm/files/phpFileManager which, I suspect has a lot more eyes on it.

    – davidgo
    Jan 11 at 17:46


















1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









0














The first version of this answer linked to an old project that, although very small, turned out to be badly insecure. I'm grateful to @davidgo for looking at the code and pointing out its flaws to me.



Here is an alternative, phpFileManager, "a complete filesystem management tool on a single file". As davidgo points out, it probably has more people looking for potential security flaws. It is also still reasonably short, at 5783 lines of code.



There are also, as mentioned in the comments, larger projects like OwnCloud and Nextcloud. These have many additional features: contact and calendar sharing, photo galleries, and so on. However, they may present a steeper learning curve.






share|improve this answer





















  • 1





    Look at Owncloud and Nextcloud for robust host-your-own dropbox like systems.

    – davidgo
    Jan 11 at 1:02






  • 1





    That code is beautifully easy to read, and, if I'm reading the PHP correctly - entirely insecure. Look at index.php and you will see that the code to delete files (line 62), creating folders (line 93, uploading files (line 103) all happen before the user is logged in on 116 - in short, I can easily use it to upload arbitrary files and folders, delete arbitrary files WITHOUT HAVING LOGGED IN. Depending on how its configured I could take probably over the webserver that is running this script. Its not a wonder the owner no longer hosts it.

    – davidgo
    Jan 11 at 1:46











  • @davidgo Wow thank you for pointing that out. I checked that I can indeed delete a file without logging in. I wonder if the script was actually designed with the intent of creating security holes, given that the author is somewhat anonymous. On the other hand it can only read, write, and delete stuff which is writable by http. I wonder if it is worth saving, as you point out the code is very elegant.

    – Terrestrials
    Jan 11 at 16:54











  • Sorry, I meant "it can only write and delete stuff which is writable by http". I also noticed that I can easily list the contents of my home directory by e.g. appending "?path=../../../". So I think some additional checks have to be done before it could be called secure. If you are interested in helping with that then submit an issue to the Github project, otherwise I will probably delete it, as well as this answer. How embarrassing!

    – Terrestrials
    Jan 11 at 17:16











  • I could be wrong don't think it is designed with evil intent. The Internet was a VERY different place 12 years ago. Also, the "most helpful" bugs I would have inserted/designed in - like providing a file list reading files and bypassing auth, are not apparent. It wouldn't be hard to fix these issues, but there are A LOT of similar scripts out there already - just Google PHP file manager. I found sourceforge.net/projects/phpfm/files/phpFileManager which, I suspect has a lot more eyes on it.

    – davidgo
    Jan 11 at 17:46
















0














The first version of this answer linked to an old project that, although very small, turned out to be badly insecure. I'm grateful to @davidgo for looking at the code and pointing out its flaws to me.



Here is an alternative, phpFileManager, "a complete filesystem management tool on a single file". As davidgo points out, it probably has more people looking for potential security flaws. It is also still reasonably short, at 5783 lines of code.



There are also, as mentioned in the comments, larger projects like OwnCloud and Nextcloud. These have many additional features: contact and calendar sharing, photo galleries, and so on. However, they may present a steeper learning curve.






share|improve this answer





















  • 1





    Look at Owncloud and Nextcloud for robust host-your-own dropbox like systems.

    – davidgo
    Jan 11 at 1:02






  • 1





    That code is beautifully easy to read, and, if I'm reading the PHP correctly - entirely insecure. Look at index.php and you will see that the code to delete files (line 62), creating folders (line 93, uploading files (line 103) all happen before the user is logged in on 116 - in short, I can easily use it to upload arbitrary files and folders, delete arbitrary files WITHOUT HAVING LOGGED IN. Depending on how its configured I could take probably over the webserver that is running this script. Its not a wonder the owner no longer hosts it.

    – davidgo
    Jan 11 at 1:46











  • @davidgo Wow thank you for pointing that out. I checked that I can indeed delete a file without logging in. I wonder if the script was actually designed with the intent of creating security holes, given that the author is somewhat anonymous. On the other hand it can only read, write, and delete stuff which is writable by http. I wonder if it is worth saving, as you point out the code is very elegant.

    – Terrestrials
    Jan 11 at 16:54











  • Sorry, I meant "it can only write and delete stuff which is writable by http". I also noticed that I can easily list the contents of my home directory by e.g. appending "?path=../../../". So I think some additional checks have to be done before it could be called secure. If you are interested in helping with that then submit an issue to the Github project, otherwise I will probably delete it, as well as this answer. How embarrassing!

    – Terrestrials
    Jan 11 at 17:16











  • I could be wrong don't think it is designed with evil intent. The Internet was a VERY different place 12 years ago. Also, the "most helpful" bugs I would have inserted/designed in - like providing a file list reading files and bypassing auth, are not apparent. It wouldn't be hard to fix these issues, but there are A LOT of similar scripts out there already - just Google PHP file manager. I found sourceforge.net/projects/phpfm/files/phpFileManager which, I suspect has a lot more eyes on it.

    – davidgo
    Jan 11 at 17:46














0












0








0







The first version of this answer linked to an old project that, although very small, turned out to be badly insecure. I'm grateful to @davidgo for looking at the code and pointing out its flaws to me.



Here is an alternative, phpFileManager, "a complete filesystem management tool on a single file". As davidgo points out, it probably has more people looking for potential security flaws. It is also still reasonably short, at 5783 lines of code.



There are also, as mentioned in the comments, larger projects like OwnCloud and Nextcloud. These have many additional features: contact and calendar sharing, photo galleries, and so on. However, they may present a steeper learning curve.






share|improve this answer















The first version of this answer linked to an old project that, although very small, turned out to be badly insecure. I'm grateful to @davidgo for looking at the code and pointing out its flaws to me.



Here is an alternative, phpFileManager, "a complete filesystem management tool on a single file". As davidgo points out, it probably has more people looking for potential security flaws. It is also still reasonably short, at 5783 lines of code.



There are also, as mentioned in the comments, larger projects like OwnCloud and Nextcloud. These have many additional features: contact and calendar sharing, photo galleries, and so on. However, they may present a steeper learning curve.







share|improve this answer














share|improve this answer



share|improve this answer








edited Jan 11 at 18:20

























answered Jan 11 at 0:54









TerrestrialsTerrestrials

162




162








  • 1





    Look at Owncloud and Nextcloud for robust host-your-own dropbox like systems.

    – davidgo
    Jan 11 at 1:02






  • 1





    That code is beautifully easy to read, and, if I'm reading the PHP correctly - entirely insecure. Look at index.php and you will see that the code to delete files (line 62), creating folders (line 93, uploading files (line 103) all happen before the user is logged in on 116 - in short, I can easily use it to upload arbitrary files and folders, delete arbitrary files WITHOUT HAVING LOGGED IN. Depending on how its configured I could take probably over the webserver that is running this script. Its not a wonder the owner no longer hosts it.

    – davidgo
    Jan 11 at 1:46











  • @davidgo Wow thank you for pointing that out. I checked that I can indeed delete a file without logging in. I wonder if the script was actually designed with the intent of creating security holes, given that the author is somewhat anonymous. On the other hand it can only read, write, and delete stuff which is writable by http. I wonder if it is worth saving, as you point out the code is very elegant.

    – Terrestrials
    Jan 11 at 16:54











  • Sorry, I meant "it can only write and delete stuff which is writable by http". I also noticed that I can easily list the contents of my home directory by e.g. appending "?path=../../../". So I think some additional checks have to be done before it could be called secure. If you are interested in helping with that then submit an issue to the Github project, otherwise I will probably delete it, as well as this answer. How embarrassing!

    – Terrestrials
    Jan 11 at 17:16











  • I could be wrong don't think it is designed with evil intent. The Internet was a VERY different place 12 years ago. Also, the "most helpful" bugs I would have inserted/designed in - like providing a file list reading files and bypassing auth, are not apparent. It wouldn't be hard to fix these issues, but there are A LOT of similar scripts out there already - just Google PHP file manager. I found sourceforge.net/projects/phpfm/files/phpFileManager which, I suspect has a lot more eyes on it.

    – davidgo
    Jan 11 at 17:46














  • 1





    Look at Owncloud and Nextcloud for robust host-your-own dropbox like systems.

    – davidgo
    Jan 11 at 1:02






  • 1





    That code is beautifully easy to read, and, if I'm reading the PHP correctly - entirely insecure. Look at index.php and you will see that the code to delete files (line 62), creating folders (line 93, uploading files (line 103) all happen before the user is logged in on 116 - in short, I can easily use it to upload arbitrary files and folders, delete arbitrary files WITHOUT HAVING LOGGED IN. Depending on how its configured I could take probably over the webserver that is running this script. Its not a wonder the owner no longer hosts it.

    – davidgo
    Jan 11 at 1:46











  • @davidgo Wow thank you for pointing that out. I checked that I can indeed delete a file without logging in. I wonder if the script was actually designed with the intent of creating security holes, given that the author is somewhat anonymous. On the other hand it can only read, write, and delete stuff which is writable by http. I wonder if it is worth saving, as you point out the code is very elegant.

    – Terrestrials
    Jan 11 at 16:54











  • Sorry, I meant "it can only write and delete stuff which is writable by http". I also noticed that I can easily list the contents of my home directory by e.g. appending "?path=../../../". So I think some additional checks have to be done before it could be called secure. If you are interested in helping with that then submit an issue to the Github project, otherwise I will probably delete it, as well as this answer. How embarrassing!

    – Terrestrials
    Jan 11 at 17:16











  • I could be wrong don't think it is designed with evil intent. The Internet was a VERY different place 12 years ago. Also, the "most helpful" bugs I would have inserted/designed in - like providing a file list reading files and bypassing auth, are not apparent. It wouldn't be hard to fix these issues, but there are A LOT of similar scripts out there already - just Google PHP file manager. I found sourceforge.net/projects/phpfm/files/phpFileManager which, I suspect has a lot more eyes on it.

    – davidgo
    Jan 11 at 17:46








1




1





Look at Owncloud and Nextcloud for robust host-your-own dropbox like systems.

– davidgo
Jan 11 at 1:02





Look at Owncloud and Nextcloud for robust host-your-own dropbox like systems.

– davidgo
Jan 11 at 1:02




1




1





That code is beautifully easy to read, and, if I'm reading the PHP correctly - entirely insecure. Look at index.php and you will see that the code to delete files (line 62), creating folders (line 93, uploading files (line 103) all happen before the user is logged in on 116 - in short, I can easily use it to upload arbitrary files and folders, delete arbitrary files WITHOUT HAVING LOGGED IN. Depending on how its configured I could take probably over the webserver that is running this script. Its not a wonder the owner no longer hosts it.

– davidgo
Jan 11 at 1:46





That code is beautifully easy to read, and, if I'm reading the PHP correctly - entirely insecure. Look at index.php and you will see that the code to delete files (line 62), creating folders (line 93, uploading files (line 103) all happen before the user is logged in on 116 - in short, I can easily use it to upload arbitrary files and folders, delete arbitrary files WITHOUT HAVING LOGGED IN. Depending on how its configured I could take probably over the webserver that is running this script. Its not a wonder the owner no longer hosts it.

– davidgo
Jan 11 at 1:46













@davidgo Wow thank you for pointing that out. I checked that I can indeed delete a file without logging in. I wonder if the script was actually designed with the intent of creating security holes, given that the author is somewhat anonymous. On the other hand it can only read, write, and delete stuff which is writable by http. I wonder if it is worth saving, as you point out the code is very elegant.

– Terrestrials
Jan 11 at 16:54





@davidgo Wow thank you for pointing that out. I checked that I can indeed delete a file without logging in. I wonder if the script was actually designed with the intent of creating security holes, given that the author is somewhat anonymous. On the other hand it can only read, write, and delete stuff which is writable by http. I wonder if it is worth saving, as you point out the code is very elegant.

– Terrestrials
Jan 11 at 16:54













Sorry, I meant "it can only write and delete stuff which is writable by http". I also noticed that I can easily list the contents of my home directory by e.g. appending "?path=../../../". So I think some additional checks have to be done before it could be called secure. If you are interested in helping with that then submit an issue to the Github project, otherwise I will probably delete it, as well as this answer. How embarrassing!

– Terrestrials
Jan 11 at 17:16





Sorry, I meant "it can only write and delete stuff which is writable by http". I also noticed that I can easily list the contents of my home directory by e.g. appending "?path=../../../". So I think some additional checks have to be done before it could be called secure. If you are interested in helping with that then submit an issue to the Github project, otherwise I will probably delete it, as well as this answer. How embarrassing!

– Terrestrials
Jan 11 at 17:16













I could be wrong don't think it is designed with evil intent. The Internet was a VERY different place 12 years ago. Also, the "most helpful" bugs I would have inserted/designed in - like providing a file list reading files and bypassing auth, are not apparent. It wouldn't be hard to fix these issues, but there are A LOT of similar scripts out there already - just Google PHP file manager. I found sourceforge.net/projects/phpfm/files/phpFileManager which, I suspect has a lot more eyes on it.

– davidgo
Jan 11 at 17:46





I could be wrong don't think it is designed with evil intent. The Internet was a VERY different place 12 years ago. Also, the "most helpful" bugs I would have inserted/designed in - like providing a file list reading files and bypassing auth, are not apparent. It wouldn't be hard to fix these issues, but there are A LOT of similar scripts out there already - just Google PHP file manager. I found sourceforge.net/projects/phpfm/files/phpFileManager which, I suspect has a lot more eyes on it.

– davidgo
Jan 11 at 17:46



Popular posts from this blog

Probability when a professor distributes a quiz and homework assignment to a class of n students.

Aardman Animations

Are they similar matrix