How can I block file extensions for HTTPS?

Hi Bob,

thanks for welcomming me.

I hope it is not a problem that the language is set to german in sophos utm ;-)

cheers Eva

Eva, you have 'URL-filtering only', and I think the URL Filter won't block that.  I think it's the Antivirus engine that decrypts and scans files and blocks .exe files.  I think that to block .exe files without decrypt and scan, you must block URLs with \.exe$ in them.  I don't know this for a fact...

What happens if you enable decrypt and scan?

What happens if, instead, you block using a REGEX \.exe$

Cheers - Bob
PS Eigentlich, es gefällt mir am German Forum teilzunehmen.  Meistens kann ich mir nicht mehr auf Deutsch mühelos ausdrucken, aber verstehen kann ich noch immer.

So, are you saying that it's now working as you expected, Jim?

Cheers - Bob

Hi Bob,

I don't think it is working as expected. However I did not have antivirus enabled. Although I did enable it in addition to scanning PUA's the UTM still does not block file extensions on uncatagorized HTTPS web sites. Does antivirus need to be enable for extension blocking to work? For some reason I expected it to work the same as HTTP downloading. Some how I suspect this is a configuration error....

Thanks,

Jim

"Uncategorized" is a trick, Jim.  One is a category and the other is the lack of categorization.

Cheers - Bob

Bob,

Thank you for your help! To be clear then I should configure as a white/black list condition? This explains why I hwas able to block ccleaner.exe the other night.

Thanks,

Jim