Hi,
At my facility we have access to drives that are up to a TB in size. We have a lot of documents we plan to scan and save "online". Currently our web servers are relatively small; the one I am on now is only 20GB and it's almost full.
Can I upload documents through a web page to a drive that is not on the web server, and also build a page that links to those documents so that users can open them?
Thanks
Is this possible? If yes, could someone point me to some reference documents for this? Also, if it's not possible, that would be great to hear also.
Thank you
It's not something you can natively do without using some form of web service. For example, we use Amazon S3 to store all our documents and images and use the built-in S3 support in ColdFusion to process them user side. This way you just pay for what you need.
Okay, thanks. That helps with our decision on how to progress. We'll buy more webspace.
As I mentioned, all of the drives would be in-house behind our firewall; I can't store these documents on Amazon.
Surprisingly I can have a 1TB drive for free, but I need to pay (handsomely) for webspace.
This is totally possible without using a web service. But it all depends on a few factors like network connectivity to storage and web server OS. Can you explain a little about your environment and what you are running?
Thanks.
We are currently using CF9, but I will be moving the site to a CF10 server. Please keep in mind I am not a network person, nor a CF person, nor a programmer of any sort, so my terminology is likely wrong.
On the CF10 server the database is on a separate MS SQL server. Our IT department set up permissions to allow the web server to "talk" to the database server and it works fine.
We have shared file systems available. I presume our IT people would also be able to let the web server talk to that drive?
Currently the files are stored outside of the web directory, but on the same server. I use this file to retrieve them from a link:
<cfif fileexists('H:\scanned_files\#url.filename#.pdf')>
<cfheader name="Content-disposition" value="attachment;filename=#url.filename#.pdf">
<cfcontent file="H:\scanned_files\#url.filename#.pdf" deletefile="false">
<cfelse>
File not found...
</cfif>
First, you shouldn't be using a url var in a file path. This leads to directory traversal attacks.
Here is how you can make this work...
- First, make sure CF is running as a specific user. It should be already if the lockdown guide was followed.
- Take the same credentials that CF is running as (user/password) and create an identical account on the server where the files are stored.
- Create a share on the server to the files giving the CF user read permissions.
- Change your code to use a UNC path to get to the file.
<cfset fileName = url.filename>
<!--- validate that the filename field is in an expected format --->
<!--- always use forward slashes for file paths. That way if the code moves to a linux based server you don't have to change anything. --->
<cfset fullPath = "//server/share/path/to/file/#fileName#.pdf">
<cfif fileexists(fullPath)>
<cfheader name="Content-disposition" value="attachment;filename=#fileName#.pdf">
<cfcontent file="#fullPath#" deletefile="false">
<cfelse>
File not found...
</cfif>
HTH,
--Dave
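One way to fill in the "validate that the filename field is in an expected format" step from the answer above, as an added example that is not part of the original post. It assumes scanned files are named with letters, digits, underscores and hyphens only, reuses the answer's placeholder UNC path as `baseDir`, and uses `java.io.File` for canonicalisation so that it runs on CF9 and CF10.

```cfml
<!--- Assumed share root: the placeholder UNC path from the answer above --->
<cfset baseDir = "//server/share/path/to/file/">
<cfparam name="url.filename" default="">

<!--- Allowlist (assumed naming scheme): letters, digits, underscore, hyphen.
      Rejects ".", "/", "\", ":" and empty input, so "../" sequences and
      absolute paths never reach the file system. --->
<cfif NOT reFind("^[A-Za-z0-9_-]{1,100}$", url.filename)>
    <cfheader statuscode="400" statustext="Bad Request">
    Invalid file name.
    <cfabort>
</cfif>

<!--- Defence in depth: resolve both paths and confirm the requested file
      still sits directly under baseDir after canonicalisation. --->
<cfset sep = createObject("java", "java.io.File").separator>
<cfset canonicalBase = createObject("java", "java.io.File").init(baseDir).getCanonicalPath() & sep>
<cfset fullPath = createObject("java", "java.io.File").init(baseDir & url.filename & ".pdf").getCanonicalPath()>

<cfif left(fullPath, len(canonicalBase)) NEQ canonicalBase OR NOT fileExists(fullPath)>
    <cfheader statuscode="404" statustext="Not Found">
    File not found...
    <cfabort>
</cfif>

<!--- url.filename has passed the allowlist, so it is safe to echo in the header --->
<cfheader name="Content-disposition" value="attachment;filename=#url.filename#.pdf">
<cfcontent type="application/pdf" file="#fullPath#" deletefile="false">
```

With the read-only share permission from the steps above, a request that slips past both checks still cannot modify or delete files on the storage server.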
This is making me very sad; clearly I am in so far over my head I may not be able to accomplish this.
I simply installed CF9 on my webserver, I did not follow the 35 page lockdown guide. I just tried, but got far too lost.
I know this is an ignorant thing to say, but I am not worried about security. This is a locked down site that is behind our institution's firewall and no one has access to it besides my department. Plus we aren't storing financial data, or world secrets. It is working fine for us, except we are quickly running out of space.
I now have access to a drive (also behind our firewall), but it seems without these permissions being applied I will not be able to access the test files I have created.
Thanks

