-
Security updates
-
Product news
-
Next-Gen Vulnerability Management
-
Getting started
-
General
-
Operating status
-
Network & System Security
-
Web Application Security
-
Cloud Security
-
API Security
-
Phishing Simulation & Awareness Training
-
Attack Surface Management
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset management
-
Vulnerability manager
-
Reports
-
Digest reports
-
Organizer
-
Continuous monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & conditions
-
Dashboard
How do I blacklist file types for web applications?
In some cases, when scanning a website this option might come in handy since you can blacklist file types. If there are a lot of large files that can cause the scan to take a long time, you can choose to exclude them, and they will not be scanned by Holm Security WAS scanner.
When adding a new web application there are some extensions already excluded by default, the file types that are excluded by default and also shown in Security Center is: .zip, .tar, .bz2, .gz, .pdf, .ppt, .pptx, .doc, .docx, .odp, .woff, .woff2, .mp4, .mp3, .mov, .avi, .flv, .swf, .wmv, .wav, .rar, .7z, .deb, .rpm, .iso, .bin, .dmg, xls, .xlsx.
If you would like to remove or add more file types on a new web application, follow the steps in this article and it is described on step 8: https://support.holmsecurity.com/hc/en-us/articles/213291009
If you would like to edit an existing web application, you can follow these steps:
- log in to Security Center.
- Click Asset Manager go to Web Applications.
- Click on the Edit icon to the right of the web application you would like to edit.
- Click CRAWL EXLUSION LIST.
- Under headline Blacklist > URL Extensions you have the options to:
* Check box URL Extensions if you would like the feature enabled/disabled.
* Type in what file extension you would like to add and press Enter.
* Remove already existing file extensions by pressing the “x” next the extension. - Click OK.
- Done!