IIS 7 and Above
Block exe file to upload
Last post Sep 07, 2018 02:09 AM by deepakpanchal10
Sep 06, 2018 11:17 AM|Tahir Shafique|LINK
I have ASP.NET application where user can upload the document, I want to block the exe file to upload and I want to do this on IIS.
how can I do this ? Request filtering is not working.
Sep 06, 2018 12:21 PM|lextm|LINK
I have ASP.NET application where user can upload the document
Such are usually application level behaviors, which makes no difference to IIS compared to other operations you would like to keep enabled. Therefore, it can be impossible to ask IIS to block.
Patch the application itself to block upload please.
Sep 07, 2018 02:09 AM|deepakpanchal10|LINK
Hi Tahir Shafiq...,
There is no direct way to block the upload functionality in your Asp.Net Application.
As a work around, You can try to use URL Rewrite for that specific page which have functionality of file upload.
You can give none as a response for this page or abort the request or display a user friendly message on other page that user is not allowed to upload any file on this application.
You can also consult the developers of this application and inform them to remove this functionality from their application and you update the site.