I just had a small question. Any particular reason you want to put the files on a separate server and get them via ftp?
The easiest way to "secure" the acces to the files is (as it sounds like you are doing) to send them out through a controller/action that checks that you have purchased that particular file and so on. On top of that you of that you have added the overhead of ftp which on the face of it sound needlessly complicated. Loading them from a local filesystem would be quicker and safer. I have a Cake app outputting data at 60-70mbit read from a secure folder on the server and dumped out via an action to priviliged users. If you use readfile_chunked() (found in the comments on www.php.net/readfile) you can output files of any size without overloading the server's memory. Dual layer DVD images via php? No problem :) If the firewall is set correctly it is not really that unsafe to use php as a middle-man to an ftp. Your app needs to be secure no matter what you do. On Jun 12, 4:09 pm, wowfka <[email protected]> wrote: > Hello, > > Have question regarding file security. I am thinking to create e-shop > where you can buy some files. > Would it be secure if i create dedicated ftp server, allow access to > it only from e-shop (IP). Users cant directly access ftp, i have > written ftp client with php, which downloads, sends files to-from FTP > server, then delivers it to buyer respectively. What security problems > that solution may have? Maybe anyone have implented anything similar? > What solutions you have used.? Any suggestion appreciated. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
