You drag a file onto a website, click "upload," and get a link. The recipient clicks the link and downloads your file. But what actually happens behind the scenes?
Step 1: Your File Is Split into Chunks
Modern file sharing services (including FileDroppy) use chunked uploading. Your browser splits the file into smaller pieces (typically 5 MB each) and uploads them one at a time. This is important because:
- If your connection drops, only the current chunk needs to be re-uploaded
- Progress can be tracked accurately
- Your browser doesn't need to load the entire file into memory
Step 2: Each Chunk Is Encrypted in Transit
When you upload to an HTTPS website (look for the padlock icon), every chunk is encrypted using TLS (Transport Layer Security) before it leaves your browser. This means nobody between you and the server — not your ISP, not your office network admin, not a hacker on public Wi-Fi — can see the file contents.
Step 3: The File Is Reassembled on the Server
The server receives all chunks and reassembles them into the original file. It then stores the file on disk and creates a database record with metadata: filename, size, upload date, expiration date, and a unique identifier.
Step 4: Virus Scanning
Responsible services scan the file for malware and viruses at this point. FileDroppy uses ClamAV to scan every uploaded file. If a threat is detected, the file is flagged and the upload may be rejected.
Step 5: A Unique Link Is Generated
The server generates a unique, random token (like abc123xyz) and creates a download URL: filedroppy.com/d/abc123xyz. This token is the only way to access the file — it can't be guessed or enumerated.
Step 6: The Recipient Clicks the Link
When someone visits the download link, the server looks up the token, finds the associated file, checks if it's still within its expiration period, and verifies any password protection. If everything checks out, the file is streamed to the recipient's browser over HTTPS.
Step 7: Auto-Deletion
After the expiration period (7 days for free, 30 days for Pro), a cleanup process permanently deletes the file from the server. The database record is also removed. The link becomes invalid.
What About Privacy?
With FileDroppy, we don't analyze your file contents (beyond virus scanning). We don't use your files for advertising, training, or any other purpose. When a file expires, it's permanently deleted — not archived.
For extra privacy, add a password to your transfer. Even if someone discovers the link, they can't download without the password.