Path traversal attacks are prevented by segregation so that public and private files are kept in different locations.
If public files are on server Alpha, where would you host private files?
Beta
Alpha
Alpha
That's right! If public and private files don't exist in the same location, hacking becomes much harder.
Might it be that a secure partition on the same server is okay as well?