1

I've got an Ubuntu 9.10 Server that I'd like to leverage for large file delivery. Ideally the system would be:

  • Easy for end users download and upload to.
  • Secure
  • web-based
  • Free (I know I know. Dreamworld right?)

Any suggestions? I was thinking about w2box but there's virtually no security to that one.

-M

UPDATE --- CLARIFICATION

My use case is for simple and infrequent exchange of files between colleagues/friends.

At one of my prior jobs, we have a GREAT system... It had two sections:

1) Admin side:

  • Admin can upload/download files
  • Admin can create upload tag codes that expire over time and use that as a security token for external users to upload file(s).
  • Admin can specify files as publicly accessible or assign a tag code to a file that expires over time and use that a security token for external users to download file.

2) External User side:

  • Can see public files
  • Can enter tag to download or upload specific private files.
  • All transactions done over SSL.

Ideally, I'd like to find something like that. If that's not available, then at the very least, I'd like to have a simple way of preventing spammers and malicious users from downloading/uploading files without my permission. At the same time, I'd like to keep this as low maintenance as possible for ad-hoc scenarios where I need to send someone a file but don't necessarily want to go to the trouble of creating a whole set of credentials for them.

Mike B
  • 11,570
  • 42
  • 106
  • 165
  • Can you elaborate on what you mean by secure? Do you only mean you want the transport to be encrypted? Or are you looking for something with access control lists where a user can setup who is authorized to access the file? – Zoredache Nov 21 '09 at 06:54

1 Answers1

3

Have you considered using WebDAV? Though many people haven't used it a whole lot, it's really ideal for this sort of thing.

To elaborate... For transport security, WebDAV can be set up to use SSL, just like other http traffic.

For user control, I've used OpenLDAP and apache's mod_auth_ldap with great success.

I'd love to give more details, but (as Zoredache suggested), we need more information from you first.

EEAA
  • 108,414
  • 18
  • 172
  • 242
  • Webdav is a nice technology, but do you have any recommendations about how to actually do the security correctly? – Zoredache Nov 21 '09 at 06:52
  • Apache directives can handle the security. You can do it as simply as using .htaccess files. Also, Apache provides SSL connections, securing your WebDAV. WebDAV is disabled (by default) on Apache but is easy to enable in the .conf files. – djangofan May 25 '11 at 20:04