Thank you for the response. Performance is not very important because these files will be small. Why i want dedicated FTP server?, well it creates another secure layer + hardware firewall in case somebody break http server (which is hosted by another company) and we want have all files near us. In details, my scheme is: user buy file, i check that order is legal, then send request to ftp for file, if everything is ok, starting download. T
On Jun 12, 6:18 pm, Martin Westin <martin.westin...@gmail.com> wrote: > I just had a small question. > Any particular reason you want to put the files on a separate server > and get them via ftp? > > The easiest way to "secure" the acces to the files is (as it sounds > like you are doing) to send them out through a controller/action that > checks that you have purchased that particular file and so on. On top > of that you of that you have added the overhead of ftp which on the > face of it sound needlessly complicated. Loading them from a local > filesystem would be quicker and safer. > > I have a Cake app outputting data at 60-70mbit read from a secure > folder on the server and dumped out via an action to priviliged users. > If you use readfile_chunked() (found in the comments onwww.php.net/readfile) > you can output files of any size without overloading the server's > memory. Dual layer DVD images via php? No problem :) > > If the firewall is set correctly it is not really that unsafe to use > php as a middle-man to an ftp. Your app needs to be secure no matter > what you do. > > On Jun 12, 4:09 pm, wowfka <a.lic...@gmail.com> wrote: > > > Hello, > > > Have question regarding file security. I am thinking to create e-shop > > where you can buy some files. > > Would it be secure if i create dedicated ftp server, allow access to > > it only from e-shop (IP). Users cant directly access ftp, i have > > written ftp client with php, which downloads, sends files to-from FTP > > server, then delivers it to buyer respectively. What security problems > > that solution may have? Maybe anyone have implented anything similar? > > What solutions you have used.? Any suggestion appreciated. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
