This knowledge base article contains steps on how to configure MIME Types for a Web CID (Central Installation Directory) using Windows Server 2008 or 2016, and Internet Information Services (IIS) 7.0, 8.0 or 10.0. If you need to configure MIME types on Windows Server 2003, and IIS 6.0, refer to the KBA 38238.
Only files with extensions registered in the IIS 7.0, 8.0 or 10.0 MIME type list will be served. All extensions must be listed, along with an accepted content-type such as .txt or text/plain. If the file extension is not allowed, the error HTTP Error 403.3 - Not Found will be encountered.
This is the best practice, as all unknown extensions will be blocked by default, and you must explicitly whitelist an extension in order to allow access. For more information related to IIS, take a look at this Microsoft document.
It is highly recommended referring to this KBA on a regular basis as the list of MIME type extensions is subject to change.
Applies to the following Sophos products and versions Sophos Endpoint Security and Control for Windows Sophos Anti-Virus for macOS Sophos Anti-Virus for Linux
A MIME type for this file extension already exists"
This list is subject to change. CID is located at C:\ProgramData\Sophos\Update Manager\Update Manager\CIDs\Sxxx
C:\ProgramData\Sophos\Update Manager\Update Manager\CIDs\Sxxx
.bdl .bf .bin .cab .cat .cfg .chm .conf .config .crl .crt .css .dat .dec .dll .exe .ide .inf .ini .installtype .ips .json .man .manifest .map .msi .mst .pem .plg .policy .ppi .rules .sys .tlb .txt .upd .url .vdb .xml .xslt .zip
. .aif .bom .bundle .conf .configuration .custom .crl .crt .dat .gz .helpertool .ide .icns .lproj .nib .pem .pkg .plist .png .rtf .rtfd .strings .tif .tiff .txt .upd .vdb .xml
Take a look at KBA 64787 on how to configure IIS to allow access to the \bin directory, and to allow files with double extensions to be downloaded.
.acetao .euc-jp .key .ja .key .openssl .py .pyc .see .sh .so .utf8
After configuring the necessary MIME types within IIS, it is recommended that you check that a test client can successfully update from the web server. If there are problems you suspect are related to files not being delivered, it is recommended that you test downloading the files from the web server using a browser.
You may need to cross-reference the log files of AutoUpdate and the IIS web server logs to establish the file or files that cannot be downloaded.
Sign up to the Sophos Support SMS Notification Service to get the latest product release information and critical issues.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.