Estimated date of creation: May 16th, 2025
Status: Online 🟢
I still don’t fully trust the internet. In this journey of learning full-stack and back-end development, I’ve been thinking a lot about how not to get my site blown up. I go through a VPS host, and don’t want their computer to get compromised, don’t want weird stuff in my storage, and also don’t want my own credentials to get leaked. I’ve had to learn quite a bit about Linux security already, such as learning file permissions, keeping SSH access off for the root account, keeping sensitive information outside of the Apache domain root, etc.
Well, I’m interested in creating more advanced websites in the future, where someone could upload something to their account. Today’s project is about letting me (and only me) log into a page, and then upload something to the server. I don’t currently trust the internet enough to just leave an open upload link sitting on a webpage, where they can’t get back their data but can upload whatever. Seems like a recipe for having weird stuff uploaded to my server. I don’t really want that.
Anyways, this was quite a challenge. This was a combination of 3 major steps I’ve been working on lately, which is database usage (it calls my credentials out of the database), login screens, and upload pages.
I’ll try to add picures here soon to show what’s actually happening behind the scenes, since this is one of my mysterious entries.
Certain PHP functions I learned for this were session variable stuff like session_start() and session_destroy(), all the MySQLi connect methods like query() and fetch_assoc(), and some stuff in the “PHP.ini” file. Also, the PHP basename() function, and much more. I’ve been learning quite a bit with each of these projects, although they do probably look like pretty small steps, or even non-projects.
¯\_(ツ)_/¯
Leave a Reply