How do I blacklist file types for web applications?

In some cases when scanning a website this option might come in handy since you can blacklist file types. If there is a lot of bigger files that can cause the scan to take a long time, you can choose to exclude them and they will not be scanned by Holm Security WAS scanner.

When adding a new web application there are some extensions already excluded by default, the file types that are excluded by default and also shown in Security Center is: .zip, .tar, .bz2, .gz, .pdf, .ppt, .pptx, .doc, .docx, .odp, .woff, .woff2, .mp4, .mp3, .mov, .avi, .flv, .swf, .wmv, .wav, .rar, .7z, .deb, .rpm, .iso, .bin, .dmg, xls, .xlsx.

If you would like to remove or add more file types on a new web application, follow the steps in this article and it is described on step 8: https://support.holmsecurity.com/hc/en-us/articles/213291009

If you would like to edit an existing web application, you can follow these steps:

  1. Login to Security Center.
  2. Click Asset Manager go to Web applications.
  3. Click on this icon mceclip1.png to the right of the web application you would like to edit.
  4. Click CRAWL EXLUSION LIST.
  5. Under headline Blacklist > URL Extensions you have the options to:
  • Check box URL Extensions if you would like the feature enabled/disabled.
  • Type in what file extension you would like to add and press Enter.
  • Remove already existing file extensions by pressing the “x” next the extension.
  1. Click OK
  2. Done!
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.