Cool Web-based Software- eXtplorer

Your server has fast Internet access, and tens of hundreds of GB of free storage. Why not use that storage and high-speed connection to store files, and share files with other users?

If you need to share files with other users on the Internet, or easily access files remotely, a good web-based tool for that purpose is eXtplorer. Featuring modern JavaScript-based menus and a sleek PHP backend, eXtplorer is quickly becoming my favorite way to access files remotely. Sure, I could use SFTP to store files on a server, but what happens when you need to access files on your server from someone else’s computer? You could always download a standalone SFTP client, but that’s such a hassle, and eXtplorer is easily accessed from any web browser.

This weekend, I was doing some research into a way to offer offsite Linux server backup solutions to my clients. While doing my research, I stumbled upon eXtplorer. At first, I was skeptical. I’ve looked at easily a dozen Open Source file managers. After using eXtplorer over the course of several weeks, I found that the software was sleek, functional, and easy to use. Needless to say, I was impressed.

[Screenshot: eXtplorer's list of files in the current directory]




As you can see, eXtplorer features a clean user interface, with friendly graphics. It’s intuitive to use, and has very few disadvantages.








[Screenshot: eXtplorer's Sleek Right Click Menu]




I was also impressed by eXtplorer’s sleek right-click menu, which works in Opera, Firefox, and Internet Explorer. The menu is JavaScript-based, and seemed to be bug-free.








[Screenshot: eXtplorer's "View File Contents" feature can even display images.]




If you need to, you can even view the contents of a file, via the “View File Contents” feature. This feature supports images, as well as text documents.








One disadvantage of eXtplorer is that it requires a few modifications to be used securely in a multi-user environment. In a default configuration, eXtplorer allows the creation of symlinks, which can override the location configured for a user’s profile. This means that a user can view files outside his or her path, which would normally be considered an information disclosure vulnerability. In addition, an “About…” dialog lets a user view the output of PHP’s phpinfo() function, which gives a potentially malicious user a lot of information! eXtplorer also supports connecting to remote FTP sites, which could also present a security vulnerability. However, all of these features are easy enough to disable.

[Screenshot: eXtplorer with symlinks disabled]




As you can see, both the “New file” feature and the “About…” feature have been disabled. This is necessary to prevent the creation of symlinks, and the disclosure of system settings via the “About…” page.
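The symlink issue described above can also be checked from the server side. The following is an added example, not code from the original post or from eXtplorer: a Python script that walks a user's home directory and reports symlinks that resolve outside it. The directory layout and the names `alice` and `bob` are constructed for illustration.

```python
import os
import tempfile

def resolves_inside(root, path):
    """True if path, after resolving symlinks, is still under root."""
    real_root = os.path.realpath(root)
    real_path = os.path.realpath(path)
    return os.path.commonpath([real_root, real_path]) == real_root

def find_escaping_symlinks(root):
    """Return sorted (link, target) pairs for symlinks under root that resolve outside it."""
    escaping = []
    # followlinks=False: symlinked directories are listed but never descended into
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) and not resolves_inside(root, full):
                escaping.append((os.path.relpath(full, root), os.path.realpath(full)))
    return sorted(escaping)

def build_sample_tree(base):
    """Constructed sample: one user home with one harmless and two escaping links."""
    home = os.path.join(base, "home", "alice")
    other = os.path.join(base, "home", "bob")
    os.makedirs(os.path.join(home, "docs"))
    os.makedirs(other)
    with open(os.path.join(other, "private.txt"), "w") as fh:
        fh.write("constructed sample data\n")
    with open(os.path.join(home, "docs", "notes.txt"), "w") as fh:
        fh.write("constructed sample data\n")
    os.symlink("docs/notes.txt", os.path.join(home, "shortcut"))  # stays inside the home
    os.symlink(other, os.path.join(home, "docs", "peek"))         # directory link out
    os.symlink("../bob/private.txt", os.path.join(home, "leak"))  # relative file link out
    return home

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        home = build_sample_tree(base)
        for link, target in find_escaping_symlinks(home):
            print(f"{link} -> {target}")
```

Run against each real user directory, `find_escaping_symlinks` gives a list of links to review or remove before the file manager is opened to multiple users.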







In summary, eXtplorer is definitely worth looking into if you need a way to share or host files over the Internet. If you don’t want to use FTP, and are in search of a web-based file manager, eXtplorer is easily the best choice in Open Source web-based file managers. Its few security issues are easily fixed, and readily documented. In my next blog post, I will specify the exact changes necessary to disable symlinks, disable the about page, and disable remote FTP access.


3 Responses to “Cool Web-based Software- eXtplorer”

  1. [...] Ramblings of a Linux Administrator « Cool Web-based Software- eXtplorer [...]

  2. Peter says:

    Hi. Not only extplorer but also other software (like ajaxplorer) is missing one feature that is crucial for me, which is passwd->extplorer password synchronization. Let’s imagine that I’d like to let my Linux users see their home directory via extplorer. It is of course possible by tinkering with the /etc/groups a little bit, but also painful as extplorer uses its own users and passwords.

    Any idea on how to deal with it?
    Pete

  3. cpace says:

    Unfortunately, you have to open up their home directory to be world readable, and disable write access for the Apache user. In this instance, the modifications mentioned in the article would apply.
