We are working on the possibility for our members to upload various types files in our community. It will be specifically on a board for developers. Our concern is about the security level in sending the following types: .json, .xml, .htm, .html, .js, .php, .py, .ts - scripts bat ps1 sh - all the c# types and c++ types, etc...
Do you guys have any suggestion about the best policy to avoid security issues for us and our members? Would it be better to only allow zip files instead of all these ones? Or is it too dangerous? Thanks
@cblownThanks for your advice! It is very helpful. I was more inclined towards only adding .zip file type in the white list. But it seems that it is not the best direction to take.