in reply to
Security on shared server
A number of things to think about.
- If the server is compromised, your security is toast. If the material is particularly sensitive, you should at least go with a vps, if not a dedicated server.
- Effects of deleting the file depend on the underlying filesystem. If you can't control that, you can't control what it means to delete the file.
- How big is the file? Is it something you can just post in chunks to a web server via https and process in memory?
- Where else do you need to protect the data?
- If you must store on disk, can you encrypt the file on disk and decrypt during reading? Maybe you can post the key with the upload making it unreadable effectively after the session is done (since the key never hits disk)?
There is no such thing as perfect security but you need to think through the tradeoffs carefully, and you need to look carefully at the possibility of better security than a purely shared server if it is truly sensitive.