Thread Info
  • Locked Locked
  • Replies 5 replies
  • Subscribers 2 subscribers
  • Views 45406 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Having problems with Web Appliance blocking users from downloading Microsoft Office files that are in the 2007+ standard .pptx, .xlsx, etc.

rynoman2k3

Seems like I keep having my users getting blocked when they are wanting to download Office files from websites. Most seem to be Government websites.

Example:

A user has submitted a URL for your review.

 

URL: http://www.plowsharegroup.com/psa-silo/download_file.php?fid=8514&tid=50525&type=single

User: lharrison

Type: Filetype

Comment: This is a PowerPoint from CDC about the national tobacco education campaign to help support my work at educating health professionals.

 

You may process this URL by logging into the appliance and visiting Search > User Submissions > File Types.

Through my default policy all users have access to download office files. Just not .zip files. It seems if I open up .zip to be downloaded for the user, then they are allowed to download the file. It's odd.


I have had previous discussions in this thread: https://community.sophos.com/products/web-appliance/f/5/t/7061#pi394filter=all&pi394scroll=true


However I wanted to open my own thread to not have any confusion.


I am running on the latest and greatest Sophos version. Our appliances auto update.

 

Here is a copy of what I allow for the default policy:

This is what I have my Default Policy Download Types set to:
ActionActiveX Controls (ocx) Allow
Adobe Flash Video (flv, swf) Allow
Adobe PDF (pdf) Allow
Audio Video Interleave (avi) Allow
Cabinet Archive (cab) Allow
DOS Command File (com) Block
ISO Image (iso) Block
Java Applet (class) Allow
Java Archive (jar) Allow
Javascript (js) Allow
MPEG Audio (mp3) Allow
MPEG Video (mpg, mpeg) Allow
Microsoft Document (xps) Allow
Microsoft Excel (xls) Allow
Microsoft Powerpoint (ppt) Allow
Microsoft Project (mpp) Allow
Microsoft Silverlight (xap) Alllow
Microsoft Word (doc) Allow
Midi (midi) Allow
Other Archives (bz2, gz, Z) Allow
Other Executables Block
QuickTime Video (mov) Allow
RAR Archive (rar) Allow
RealAudio (ra) Allow
RealMedia (rm) Allow
Rich Text Format (rtf) Allow
StuffIt (sit) Block
Tarball (tar) AllowWarnBlock
Visual Basic Extensions (vbx) Allow
Wave (wav) Allow
Windows Executable (exe) Block
Windows Installer (msi) Allow
Windows Library File (dll) Allow
Windows Media Audio (wma) Allow
Windows Media Video (wmv) Allow
Word Perfect (wpd) Allow
Zip Archive (zip) Block


X Allow user feedback X Block PUA downloads 

 
I have been told in the past few days that if I tell a site to be trusted it can have effects on how the file types are read. Funny thing is this particular site isn't even in my site list. So that rules that suggestion out.

Any Ideas?



This thread was automatically locked due to age.

  • Another example of a blocked file a user is trying to download.

    A user has submitted a URL for your review.

     

    URL: http://www.ada.org/~/media/ADA/Science and Research/HPI/Files/HPIData_SOD_2015.xlsx?la=en

    User: psmith

    Type: Filetype

    Comment: Need to pull data from this report from American Dental Association regarding dentist population

     

    You may process this URL by logging into the appliance and visiting Search > User Submissions > File Types.

  • in reply to rynoman2k3

    This was recently addressed in another thread.

    https://community.sophos.com/products/web-appliance/f/5/t/7061#pi394filter=all&pi394scroll=false

    In short, if you have a site that is set to "Trusted" that says no virus scanning.  Turning off the virus scanner means you get worse filetyping, and docx get interpreted a zip.

  • in reply to Michael Dunn

    I understand where you are coming from. However both of the sites I have posted were not even in my site list. Meaning they were not set to trusted. I figured it would be best to open a separate thread up vs clogging that up with multiple peoples questions and situations.

    In short, if this is happening and the site has never been added to the site list it has never been set to "Trusted."  So why is the file getting blocked still? Yes I am running the most recent version of Sophos on my appliances.

    I cannot allow all of my users to have .zip access due to business practices at this time. Surely I'm not the only one that is having this issue.

  • in reply to rynoman2k3

    This url / file is behaving differently than internal test files.

    Can you please raise an issue with support.  When doing so, please use the same URL as you posted here.

  • in reply to Michael Dunn

    In your case assuming that it is been blocked by a filetype vs something else like a policy, or bad certificate etc

    the other thing to check is  configuration / global policy / general options - make sure cache settings are OFF and the cache size is greyed out and not active.. If it is . clear cache and disable it.

    the applaince sees this document like so.

    pmx-list-true-filetypes CDC_TIPS_2016_National_Tobacco_Education_Campaign_Partners.pptx
    CDC_TIPS_2016_National_Tobacco_Education_Campaign_Partners.pptx:
    extensions:
    .odb
    .odf
    .odg
    .odm
    .odp
    .ods
    .odt
    .ole2
    .otg
    .oth
    .otp
    .ots
    .ott
    .potx
    .pptx
    .stc
    .std
    .sti
    .stw
    .sxc
    .sxd
    .sxg
    .sxi
    .sxm
    .sxw
    .xml

    filetypes:
    Archive/Odoc
    Presentation/Microsoft PowerPoint-OPC
    Script/Markup/XML

    mime types:
    application/vnd.oasis.opendocument
    application/vnd.sun.xml
    application/x-ole2
    application/xml
    text/xml

    It doesn't appear that any of the listed file types are set to block, however you may wish to try setting other, to allow.

Unfiltered HTML