File Upload Options

[Ezk90]

I'm creating a blog for my wife. I've been a programmer for 15 years or so, but I have always avoided file upload due to fear of the security risks. I want to allow guests at my wife's website to upload photos. I have done a lot of research, but I can't really find a solution that takes away the anxiety. I've looked into a few cdn's such as cloudshare and amazon s3, but their services seem like overkill for just wanting to be able to display pictures for her blog. I'm just curious if anyone has any suggested routes, tutorials, or personal experiences. It seems most sites offer image uploads, I feel like it shouldn't be that complicated in 2019. The link below seems to make the most sense, but I haven't found a whole lot like it, and that was written four years ago. I host all my clients on subdomains, and most of my work is geared towards inventory which is why I have stayed away from file uploads. 

https://paragonie.com/blog/2015/10/how-securely-allow-users-upload-files

[gw1500se]

Uploading files is really not  much of a security risk as long as you do a little due diligence. Since uploading files will never set the execute bit it cannot be executed unless the PHP programmer does something dumb with the file. This should help.

Edited October 13, 2019 by gw1500se

[Ezk90]

Awesome thankyou for the enlightenment gw1500se. 

[Ezk90]

I decided I'm going to just follow the basic outlines most pages prefer, but then I'm going to have accounts require permission to upload. So she can allow trusted bloggers to upload