How do I blacklist file types for web applications?

In some cases, when scanning a website this option might come in handy since you can blacklist file types. If there are a lot of large files that can cause the scan to take a long time, you can choose to exclude them, and they will not be scanned by Holm Security WAS scanner.

When adding a new web application there are some extensions already excluded by default, the file types that are excluded by default and also shown in Security Center is: .zip, .tar, .bz2, .gz, .pdf, .ppt, .pptx, .doc, .docx, .odp, .woff, .woff2, .mp4, .mp3, .mov, .avi, .flv, .swf, .wmv, .wav, .rar, .7z, .deb, .rpm, .iso, .bin, .dmg, xls, .xlsx.

If you would like to remove or add more file types on a new web application, follow the steps in this article and it is described on step 8:

If you would like to edit an existing web application, you can follow these steps:

  1. log in to Security Center.
  2. Click Asset Manager go to Web Applications.
  3. Click on the Edit icon to the right of the web application you would like to edit.
  5. Under headline Blacklist > URL Extensions you have the options to:
    * Check box URL Extensions if you would like the feature enabled/disabled.
    * Type in what file extension you would like to add and press Enter.
    * Remove already existing file extensions by pressing the “x” next the extension.
  6. Click OK.
  7. Done!