FW_H_BlockHTTPExt

To block specified HTTP extensions

  1. In the console tree of ISA Server Management, click Firewall Policy.

  2. In the details pane, click the applicable access rule or Web publishing rule.

  3. On the Tasks tab, click Edit Selected Rule.

  4. On the Traffic tab (for Web publishing rules) or on the Protocols tab (for access rules), click Filtering, and then click Configure HTTP.

  5. On the Extensions tab, select one of the following:

    • Allow all extensions. Select this option when no extensions will be blocked.
    • Allow only specified extensions. Select this option when requests with specific extensions will be allowed.
    • Block specified extensions (allow all others). Select this option when all requests will be allowed except those with specified extensions.
  6. If you selected Allow only specified extensions or Block specified extensions (allow all others), click Add, and then type the HTTP extension in Extension.

  7. Select Block requests containing ambiguous extensions if requests whose file extension cannot be determined should also be blocked.

Note

To open ISA Server Management, click Start, point to All Programs, point to Microsoft ISA Server, and then click ISA Server Management.
For ISA Server 2006 Enterprise Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Arrays, expand Array_Name, and then click Firewall Policy.
For ISA Server 2006 Standard Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Server_Name, and then click Firewall Policy.

Important

After you click Apply in the details pane, the policy is updated. The new policy applies only to new connections.