All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Simple PHP S3 Server - Self-hosted Object Storage for Virtual Hosts
TL;DR Version
Want S3-compatible storage on your cheap virtual host? Here's how:
- Create a new website on your VPS/virtual host
- Drop the
index.phpfrom GitHub repo into webroot - Set your password in the config section
S3 Client Configuration:
- endpoint: Your domain name
- access_key: The password you set
- secret_key: Any value (ignored)
- region: Any value (ignored)
Example: Uploading hello.mp3 to bucket music stores it at ./data/music/hello.mp3
Pro tip: Pair with Cloudflare CDN for extra speed+reliability 
Backstory
Recently got a storage box from Hostbbr (basically a DA panel virtual host). While FTP/RSYNC work great, I needed S3-compatible access for my IPv6-only servers (yes, I know about WARP but wanted native solution).
Couldn't find any good self-hosted S3 servers that:
- Work on basic PHP hosts
- Don't require databases
- Are stupid simple to deploy
So I built one!
The Goods
GitHub: https://github.com/hochenggang/simple-php-s3-server
README: https://github.com/hochenggang/simple-php-s3-server/blob/main/README-en.md
Key Features:
✅ Core S3 object operations (PUT/GET/DELETE/POST)
✅ Multipart upload support
✅ Zero-database filesystem storage
✅ AWSv4-style auth (simplified)
✅ Single-file deployment
Perfect for:
- Backup targets
- Static file hosting
- Cross-server sync
If this helps you, stars appreciated! 
(Tested on DirectAdmin + Apache, should work on any PHP 8+ host with rewrite rules)
Comments
You didn't wait long!
I'm really itching for some praise from everyone, but I know it might not go the way I hope. Fingers crossed I don’t get roasted instead!
Ohhh this supposed to be goooood. I’ll try soon.
That looks super nice!
Call me paranoid but I would prefer to keep the access information in a seperate file outside the public folder.
I also think you're right, but I just did it this way for the sake of simplicity and convenience. Maybe you can utilize the AI to make it better as it might offer some useful solutions.
Nice
looks like a good lightweight s3 solution will give it a try, thanks for sharing
Isn't this just some CRUD storage api with aws like auth? S3 is far more than this imo.
Only object related api.😂
I use it to backup.
Looks good! Starred.
is it need to be
into webrootor can be put intoexample.com/s3?.Oooh looks awesome! Thank you
S3 + php.... Interested how are you handling bigger files with memory limitations.
Afaik you can send data in smaller chunks. But I'm not sure if the php script would be able to handle this. Feel free to try and report.
In order to be compatible with OSS clients, such as Minio, the form of example.com/s3 cannot be used. You can use s3.example.com instead.
I tested the OSS client for uploading slightly larger files. Minio will automatically perform segmented uploading when the file size is larger than 4MiB, and it won't directly consume a large amount of memory.
This comparison is just made out of the needs of a niche group, and it may not be able to meet particularly serious requirements. Therefore, if you need formal S3 support, you need to choose a more formal product. Just take it easy.
how to use in wordpress
Hi,
This project most likely won't work with WordPress, sorry about that.
If you have any other questions, feel free to ask!
Tried to deploy to usual DirectAdmin hosting php 8.1 and get the following:
1st - aws_s3 CLI
2nd - AList app
Please, could you clarify if there exist suitable 3d-party apps to work with such type of s3 storage? or it's can be processed only under code (programming language code integration) ?
Thank you in advance.
it should be https://yourdomain/data/bucket/
-put the bucket name any.
-put any access code
Looks good! Starred.
Thank you very much for assistance. Works great. Starred.
@imhcg can you provide the nginx config? I'm not familiar on how to convert htaccess to nginx
Thank you very much; was looking for something like this.
IMPORTANT NOTES FOR OTHER USERS
Security Limitations:
- This only checks if the access key exists in an allowlist, but doesn't verify AWS Signature V4 like real S3. Since there's no secret key verification, anyone with your access key can authenticate. Never use this for public-facing applications or embed keys in client-side code
- THIS IS NOT suitable for untrusted networks as there is no protection against replay attacks or man-in-the-middle attacks without HTTPS
⚠️ DO NOT USE AS PRIMARY BACKUP This should only be a secondary or tertiary backup method due to potential data corruption under load
as there are some reliability concerns like No file locking or atomic operations means concurrent uploads can corrupt data & Missing Content-MD5 validation and proper ETag generation
PS: Abandoned multipart uploads will accumulate and waste disk space; so do clean up regularly.
For those that want a more production(ish) support using the same storage; here is a method I will recommend.
Use rclone: https://rclone.org/commands/rclone_serve_s3/
But rclone can't run on the Direct Admin server; so what it will need is a second server that will have rclone installed; the server will then form FTP/SFTP or any other supported protocol over to this server; and proxy over the commands to S3.
This is still not as secure enough. But is much better than above if your usecase requires client exposure.
For backups; you can use the above PHP. Or if you don't have another server; then we don't have a choice
. Though be concious of the security implications.
Yeah, you're absolutely right – thx for the heads-up. There's definitely a lot that needs improvement. I just pushed an update with some tweaks, but as mentioned, it's still far from perfect. Basically, don't run this in production – treat it as for learning, research, or just messing around.
is there a way to troubleshoot the s3 php server? logging or so? I get all the time errors when i try to connect to the php s3 server. @imhcg does it has some way of logging?
I am unable to set this up with Cyberduck, it needs both access key and secret key. Random character as secret_key does not work.
Edit:
Somehow it started working itself, maybe something to do with CF, anyway I am getting double the speed of ftp/sfpt using CF:
Thank you for making this!