Re: Stopping IIS from serving certain file types
From: Andrew Davis [MS] (adavis_at_online.microsoft.com)
Date: 12/05/03
- Next message: Andrew Davis [MS]: "Re: Application downloaded itself onto my Int Explorer"
- Previous message: Andrew Davis [MS]: "Re: Questions URLSCAN"
- In reply to: Keith W. McCammon: "Re: Stopping IIS from serving certain file types"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 05 Dec 2003 17:42:28 GMT
Thanks Keith! You hit the nail on the head.
URLScan is the way to go for blocking files with certian file extensions.
326444 HOW TO: Configure the URLScan Tool
http://support.microsoft.com/?id=326444
Most files have a file name extension that identifies what kind of file
they are. For example, file names for Word documents typically end in .doc,
HTML file names typically end in .htm or .html, and plain text file names
typically end in .txt. The [AllowExtensions] and [DenyExtensions] sections
permit you to define extensions that URLScan will block. For example, you
can configure URLScan to reject requests for .exe files to prevent Web
users from executing applications on your system.
Both the [AllowExtensions] and the [DenyExtensions] sections have the same
syntax. They are made up of a list of file name extensions, and each
extension appears on its own line. The extension starts with a period (.)
(for example, .ext).
URLScan decides which section to use based on the value of
UseAllowExtensions in the [Options] section. By default, this option is set
to 0. If UseAllowExtensions is set to 0, URLScan only denies requests for
file name extensions that are listed in the [DenyExtensions] section. Any
file name extensions that are not listed in this section are permitted. The
[AllowExtensions] section is ignored.
If UseAllowExtensions is set to 1, URLScan denies requests for any file
name extensions that are not explicitly listed in the [AllowExtensions]
section. Only requests for a file name extension that is listed in that
section are permitted. The [DenyExtensions] section is ignored.
For additional information about how to configure URLScan to permit
requests for files that do not have an extension, click the article number
below to view the article in the Microsoft Knowledge Base:
KBLink:312376.KB.EN-US: HOW TO: Configure URLScan to Allow Requests
with a Null Extension in IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
Thanks!
~Andrew Davis
Microsoft PSS Security
--------------------
| From: "Keith W. McCammon" <km@km.com>
| References: <BBD08829-E8FB-423A-918B-171539E687E1@microsoft.com>
| Subject: Re: Stopping IIS from serving certain file types
| Date: Thu, 4 Dec 2003 12:23:28 -0500
| Lines: 8
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
| Message-ID: <#VcPytouDHA.3468@TK2MSFTNGP11.phx.gbl>
| Newsgroups: microsoft.public.inetserver.iis.security
| NNTP-Posting-Host: exchange.ncqa.org 65.216.143.158
| Path:
cpmsftngxa07.phx.gbl!cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP11.
phx.gbl
| Xref: cpmsftngxa07.phx.gbl microsoft.public.inetserver.iis.security:7606
| X-Tomcat-NG: microsoft.public.inetserver.iis.security
|
| See URLScan
|
| "Brent" <anonymous@discussions.microsoft.com> wrote in message
| news:BBD08829-E8FB-423A-918B-171539E687E1@microsoft.com...
| > Is there anyway to stop certain websites in IIS from serving certain
file
| types?
|
|
|
- Next message: Andrew Davis [MS]: "Re: Application downloaded itself onto my Int Explorer"
- Previous message: Andrew Davis [MS]: "Re: Questions URLSCAN"
- In reply to: Keith W. McCammon: "Re: Stopping IIS from serving certain file types"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
