/tech/ - Technology★

Git gud, faggot. And use the sticky.

Also, what do you mean by "making"? You mean configuring? Just run nginx or Apache with indexing on.

>>924077

>Also, what do you mean by "making"?

literally writing one from scratch.

>You mean configuring?

I can't find anything simple enough.

>Just run nginx or Apache with indexing on.

I know, I just want an upload button tacked at the end.

A simple file server for what purpose? Have you tried using rsync?

Google multipart/form-data. You don't want a file server. You want a fucking html web page.

>>924079

>I just want an upload button

OK. Write CGI. This is simple enough that you can do it in any language (especially if you abuse JavaScript a bit, to ship raw bytes rather than one of the elaborate-like-a-fucking-Christmas-tree native HTTP formats).

You could probably find a plugin for WordPress that does all you want.

>>924074 (OP)

Just host an ftp, they're remote mountable by default in all OSes and browsers can read them if not write. I dont know what supports FTPS but auth is overrated anyway.

>>924087

no, you fucking luddite.

ssh exists--use it.

a few minutes looking up how to set up an SSH key will let you use it without a password.

then use scp, sftp, or rsync for easy file transfer in either direction.

rsync is a super-powered super-program sent back in time to us from the year 4018. if you use ftp instead of rsync, police in the year 4018 will track down and then sterilize all of your progeny, having determined that your genes are good for nothing but producing more idiots.

>tfw trying to install php5 and cgi modules for apache

>dependency hell

REEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE

>>924089

nevermind, it works now.

>>924089

since you're using PHP, take some care to

1. test for obvious file-upload vulnerabilities. Upload a PHP script and then try to visit it. You want to see source code, and not have the script actually run.

2. repeat #1 for a file that contains embedded PHP but which doesn't end in .php or similar extension.

3. see if you can change site behavior by uploading a file named .htaccess, or index.html

be advised: if people can upload arbitrary HTML and assets and then browse to them normally, you SHALL come to host a phishing site or other malware

4. make sure nothing important can be seen or touched by the account this file upload script is on, because it probably has some non-obvious vulnerabilities.

#1 and #2 you can probably fix just by editing an .htaccess

>>924074 (OP)

1. Learn to code

2. DO NOT USE PHP

3. Use as little javascript as possible; ensure your site works without javascript

4. Try uploading executable files and make sure they don't actually run

5. make your results free software under AGPL

>>924101

>try uploading executable files

executable-ness is metadata, not data. you can't upload it.

so just don't go out of your way to +x any files your upload script creates, which is certainly the default unless some stroke of PHP idiocy has you setting literally everything mode 0777

>>924103

It's certainly something to test for. For CGI, most webservers aren't dumb enough to execute non-chmod +x'd files, but for PHP I have seen at least one website where uploading a file with .php extension was enough for arbitrary code execution on the server as the apache user.

>>924088

Right but normies can't use those things, only those of superior OS. Normies are given ftp for the purpose of I suppose compromising themselves? It's really convenient though.

>lolisafe

>pomf

>uguu

kys wedopeeb

>>924469

>It's fucking summer again.

>>>/out/