I'm allowing authenticated users to upload image files with my PHP application. Assume I've built in the necessary security to make sure the file itself is valid, is there a possibility of the http transmitted file to be intercepted in some way? If so, how can I protect the transmission of the file? Would HTTPS be the way to go?
Also, the web server the application resides on can only be accessed by authenticated users. Does this mean that the http stream of data is also protected? It would seem to me that it is.
