in reply to CGI upload limit
I would recommend only allowing authenticated users to do uploading. Your first level of protection should be authentication. I would then recommend limiting the size of each upload and the total size per application or user. If you are using Apache servers, you can set some limits at the server level: Apache Limits. But this limit is only for each individual file. Your Perl code can also limit the file size. In this example, the author creates temporary directories on the fly so that someone cannot guess the directory name and somehow force an upload. I have seen this technique used a lot so I would recommend it if you are concerned about DoS attacks: Quick and Dirty Method. Here is another example, which uses a text file that could be the starting point for tracking the total size uploaded by application or user: User Tracking.
On the Perl side of the uploading CGI, I would log all requests for uploading, including the IP address, authenticated name, file name, file size, and a success code. This audit trail is most useful for finding problems and detecting attacks.
In closing, I would hope that you would not rely on a single point of failure to protect your uploads. A good blend of Operating System, Server, and Perl limits should give you a good three-layer umbrella.
Richard
There are three types of people in this world, those that can count and those that cannot. Anon
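The Perl-side controls described in this reply (authenticated users only, a per-file limit, a per-user running total kept in a text file, an unguessable storage directory, and an audit line for every request) can be combined in one CGI script. This is an added example, not code from the post or its linked pages; the limits, the paths, the form field name `file`, and a web server that sets `REMOTE_USER` are assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use CGI;
use Fcntl qw(:flock);
use File::Basename qw(basename);
use File::Copy qw(copy);
use File::Temp qw(tempdir);
# Assumed limits and paths, for illustration only.
my ($MAX_FILE, $MAX_TOTAL) = (2 * 1024**2, 20 * 1024**2);    # bytes
my ($STORE, $LOG) = ('/var/uploads', '/var/log/upload_audit.log');

$CGI::POST_MAX = $MAX_FILE;            # CGI.pm refuses larger request bodies
my $q    = CGI->new;
my $user = $ENV{REMOTE_USER} // '';    # set by the server after authentication
my ($name, $size) = ('-', 0);

# Append one audit line (time, IP, user, file, size, result), then answer and stop.
sub finish {
    my ($status, $msg) = @_;
    if (open my $log, '>>', $LOG) {
        flock $log, LOCK_EX;
        print {$log} join("\t", scalar(localtime), $ENV{REMOTE_ADDR} // '-',
                          $user || '-', $name, $size, $status), "\n";
        close $log;
    }
    print $q->header(-status => $status, -type => 'text/plain'), "$msg\n";
    exit;
}

finish('403 Forbidden', 'Login required') unless $user =~ /\A[\w.-]+\z/;
if (my $err = $q->cgi_error) { finish($err, 'Upload rejected') }   # e.g. over POST_MAX
my $fh = $q->upload('file') or finish('400 Bad Request', 'No file sent');
($name = basename(scalar $q->param('file'))) =~ s/\A\.+|[^\w.-]/_/g;   # safe file name
$size = -s $fh;

# Per-user running total in a text file, locked until the script exits.
open my $qf, '+>>', "$STORE/.quota.$user"
    or finish('500 Internal Server Error', 'Quota file unavailable');
flock $qf, LOCK_EX; seek $qf, 0, 0;
chomp(my $used = <$qf> // 0);
finish('413 Request Entity Too Large', 'Quota exceeded') if $used + $size > $MAX_TOTAL;

# Store under a randomly named directory created on the fly.
my $dir = tempdir('XXXXXXXXXXXX', DIR => $STORE);
copy($fh, "$dir/$name") or finish('500 Internal Server Error', 'Store failed');
truncate $qf, 0; print {$qf} $used + $size, "\n";
close $qf;
finish('200 OK', 'Stored');
```

Rejected requests are logged as well as successful ones, so repeated 403 or 413 entries from one address or account stand out in the audit trail.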