04-02-2025 10:16 AM
Dear community,
I would like to know if on a Web Security Appliance On Prem it is possible to block executable file included in pdf or docx files?
I can block exe downlaod, but looks that when the exe is included users can download them!
Thank you
04-02-2025 11:36 PM
Yes, it is possible to block, depending on your policies and the version of WSA code you are running.
Check example mime types :
04-03-2025 04:40 AM
Hello Balaji,
Are you sure?
From my point of view the MIME type of the Word Document with exe included in it will remain the same.
04-03-2025 04:56 AM
04-03-2025 05:04 AM
Hello Ken,
Ok the WSA is able to detect "multilple" MIME type in a single file?
So I would just need to check for the MIME type like: application/octet-stream
04-03-2025 06:00 AM
04-07-2025 05:47 AM
You can put [MIME = %c] in the accesslogs custom fields to see the MIME type detected by WSA
you can use this guide to edit the Custom Fields in the AccessLogs:
Kindly make sure WSA is decrypting the traffic first.
Regards,
Amirhossein Mojarrad
+++++++++++++++++++++++++++++++++++++++++++++++++++
++++ If you find this answer helpful, please rate it as such ++++
+++++++++++++++++++++++++++++++++++++++++++++++++++
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide