I'm serving a .Net Core API project on a windows server that the published project is in a subfolder in inetpub.
My clients should upload some images and PDFs and API should store them forever. Currently I've created a subfolder called Uploads in project directory and save my files there.
inetpub
|
- MyWebsite
|
* web.config
* appsettings.json
* WebAPI.dll
* WebAPI.Views.dll
* ...
- Uploads
|
+ Images
+ Videos
+ PDFs
I use a CI/CD software to automatically publish my project. Sometimes it's possible that the person who writes CI command scripts do a mistake and when he is publishing the new version, deletes the Uploads folder too.
I'm asking about some best practice way to be comfortable and more secure to store these kind of files when writing an API.
I wouldn't say there is a "standard" place, as it depends on your requirements.
What is for sure, do not store them on the web server machine. Why:
the machine may fail, and the files will be lost
this approach doesn't scale to multiple machines (it is possible to share folders, but that brings more problems).
These files are basically data, and should be treated as such. Depending on your requirements, you may consider these options:
External storage (a folder on web server mapped to external storage)
No-SQL database
Big data storage (e.g. Hadoop)
Upload to CDN (e.g. S3)
Related
Is it possible to change the connection string in a VS 2017 C# web application Core 2 project's connection string to use OneDrive or iCloud as storage medium?
Since I work on my laptop, at home and at work (hobby programmer, not professional) I'd like the mdf and ldf files available in the same location regardless of where I am.
I do save the entire project (most of the time) in OneDrive, should seem reasonable to be able to save the sql files there as well.
trying to eliminate using Azure for development, bad practice I know..
You can if you utilize the syncing functionality. In other words, you cannot simply change the connection string to the URL of the database file online. Even if SQL Server Express could read from that, it wouldn't be able to do writes over HTTP. However, OneDrive and similar online storage providers often include a utility that propagates your online files to actual filesystem locations on each connected PC. I know, for example, that once you set up OneDrive in Windows 10, it will sync your Documents directory by default. If you store the file there, it should then be synced to all other connected computers.
The application will be located in /Applications.
The application will be downloaded via a web browser and not via the App Store.
The language being used is Tcl/Tk.
A. Will this work on all versions of OS X 10.5 or higher?
B. Is there a better place to store application files?
~/Library/Application Support is a way better place to store your files:
Use this directory to store all app data files except those associated
with the user’s documents. For example, you might use this directory
to store app-created data files, configuration files, templates, or
other fixed or modifiable resources that are managed by the app. An
app might use this directory to store a modifiable copy of resources
contained initially in the app’s bundle. A game might use this
directory to store new levels purchased by the user and downloaded
from a server.
A. No, generally you should not alter the application bundle once installed. You will very likely encounter permissions or code signing issues if you do.
B. ~/Library/Application Support/MyApp/
I have a doubt for purchase a microsoft azure app service to host my app. I have already tested the free profile and i am concerned to switch to a basic profile.
That's my question.
I have seen on this table on azure website here which i'll have 10GB of disk space for my application files.
When i went on price calculator i see this
Well my question is:
Why here i see 10GB of temporary storage? will i lose my application files located in the wwwroot folder anytime?
will i lose my application files located in the wwwroot folder anytime?
It will not be lost if you application files located in the wwwroot folder.We could get the answer from the document.
Persisted files
This is what you can view as your web site's files. They follow a structure described here. They are rooted in d:\home, which can also be found using the %HOME% environment variable.
These files are persistent, meaning that you can rely on them staying there until you do something to change them. Also, they are shared between all instances of your site (when you scale it up to multiple instances). Internally, the way this works is that they are stored in Azure Storage instead of living on the local file system.
Free and Shared sites get 1GB of space, Basic sites get 10GB, and Standard sites get 50GB
Temporary files
A number of common Windows locations are using temporary storage on the local machine. For instance
%APPDATA% points to something like D:\local\AppData.
%TMP% goes to D:\local\Temp.
Unlike Persisted files, these files are not shared among site instances. Also, you cannot rely on them staying there. For instance, if you restart a web app, you'll find that all of these folders get reset to their original state.
For Free, Shared and Consumption (Functions) sites, there is a 500MB limit for all these locations together (i.e. not per-folder). For Standard and Basic sites, the limit is very high (over 100GB).
We could check the application files in the D:\home\site\wwwroot from the Azure kudu tool(https://yoursite.scm.azurewebsites.net/).
Available disk space is shown on the Environment page:
My problem is I have a LOB application that can possibly save multiple files (number of files only known at runtime) based on user inputs. Saving this as a single file and having the user break them apart, or zipping them up as a single file is not an option unfortunately.
SaveFileDialog seems suited to only save 1 file at a time. Third party controls may be an option but I have yet to find any that serve this purpose. Thanks!
The browser security model guidelines (outside of Silverlight) prohibit web application logic (script or otherwise) from having direct access to the local file system.
Consider what havoc a malicious web site could wreak on your computer if web application script could write arbitrary files to arbitrary locations on the local hard disk!
For this reason, Silverlight isolates your code away from the local file system. Silverlight manages the Open File or Save File dialogs, but your web app code never gets to see the full path of the file names directly for security reasons. The Silverlight dialog only supports working with one filename / path at a time.
Silverlight does offer isolated storage on the local machine in which your web app could write multiple files. However, as noted in comments, isolated storage is isolated in both directions - it keeps the web app isolated from the local file system, and that makes it difficult for the end user to access the contents of the isolated storage outside of the browser. (Difficult enough to make it infeasible for nontechnical users, but not difficult enough to call isolated storage "secure" from malicious snooping).
Short of writing your own native executable browser extension (for each different browser brand and version you wish to support) (or non-sandboxed javascript plugin for some browsers), I don't think there is a way for a web app to push data into multiple local files convenient to use outside of the browser in one user action.
Since this is an LOB in the intranet zone have you considered asking your users to install the app as OOB with Elevated trust. This would allow you to write files to the users Documents folder without the SaveFileDialog.
The other option is to zip the files with a single SaveFileDialog call.
There are no other Silverlight oriented solution.
What is the best way to update a "Web-Application" ("re-publish" from dev server to live server) while preserving user-data (such as images, videos, and audio stored in the filesystem) in a VS 2010 build/publish setup?
Additionally, what is the best way to minimize site downtime during these updates?
My backstory:
Usually I "build/publish" the site to a folder on my dev machine, ftp:// into the live server, then drag-and-drop the new "published" files and folders to the live site while making sure not to overwrite any user-generated directories.
Obviously this method comes from my static-html days where it didn't matter. And obviously this is dangerous, flawed, and counter-productive for any Web Application with user-generated data in the FS.
The easiest way is to have a directory that's outside of your code folder where you store the user data. You can even map this folder as a virtual folder in IIS when you need this folder to be available from the internet. Like:
C:\Inetpub
\ProjectWebsite
\ProjectFiles