I'm facing a problem and i don't know where to start and in fact, how to do it.
Situation:
Users of my website should be able to save their resume files + cover letters on my webserver.
Problem:
How to make their file SECURED from any hack ? I mean only file owner and web administrator (so in this case... myself) should have access to those files. never user B should be able to access, read or download files of user A.
my guess:
I was thinking to store files outside public_html folder, in the following way:
/resumes/user A/resume A
/resumes/user A/cover letter A
/resumes/user B/resume B - US
/resumes/user B/resume B - ES
/resumes/user B/cover letter B
Questions:
1. how can i allow user to have access to folder/files outside public_html ?
2. how can i secure that user A has access to his own files ONLY ?
I searched on internet for some help but i did not find anything really relevant...only theory and no really in details.