For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

THE_BLUE's avatar
THE_BLUE
Icon for Cirrostratus rankCirrostratus
Feb 16, 2025
Solved

bigip version 17

where i can find the list of allowed file type in bigip version 17 ?
application delivery
security
  • F5_Design_Engineer's avatar
    F5_Design_Engineer
    Feb 17, 2025

    In BIG-IP version 17, you can find and manage the list of allowed file types within the security policy settings. Here’s how you can access and modify these settings:

    1. Access Security Policy:
      • Navigate to Security > Application Security > File Types in the BIG-IP Configuration utility.
    2. View Allowed File Types:
      • The Allowed File Types screen will display the current list of file types that are permitted by the security policy.
    3. Add or Modify File Types:
      • To add a new file type, click Create and specify the file type (e.g., JPG, HTML) or use wildcard expressions (e.g., *.html).
      • You can also set length constraints for URL, request, query string, and POST data associated with the file type.
    4. Automatic Policy Building:
      • If you are using automatic policy building, the system will suggest file types based on legitimate traffic during the enforcement readiness period.
    5. Disallowed File Types:
      • You can also specify disallowed file types to prevent access to sensitive files like server-side scripts, configuration files, and executables.

    For more detailed instructions, you can refer to the F5 documentation on managing file types.

    [1]: Adding File Types to a Security Policy [2]: Manage File Types


    References

    [1] Adding File Types to a Security Policy - F5, Inc.

    [2] Manage File Types - F5, Inc.

F5_Design_Engineer's avatar
F5_Design_Engineer
Icon for MVP rankMVP
Feb 17, 2025

In BIG-IP version 17, you can find and manage the list of allowed file types within the security policy settings. Here’s how you can access and modify these settings:

  1. Access Security Policy:
    • Navigate to Security > Application Security > File Types in the BIG-IP Configuration utility.
  2. View Allowed File Types:
    • The Allowed File Types screen will display the current list of file types that are permitted by the security policy.
  3. Add or Modify File Types:
    • To add a new file type, click Create and specify the file type (e.g., JPG, HTML) or use wildcard expressions (e.g., *.html).
    • You can also set length constraints for URL, request, query string, and POST data associated with the file type.
  4. Automatic Policy Building:
    • If you are using automatic policy building, the system will suggest file types based on legitimate traffic during the enforcement readiness period.
  5. Disallowed File Types:
    • You can also specify disallowed file types to prevent access to sensitive files like server-side scripts, configuration files, and executables.

For more detailed instructions, you can refer to the F5 documentation on managing file types.

[1]: Adding File Types to a Security Policy [2]: Manage File Types


References

[1] Adding File Types to a Security Policy - F5, Inc.

[2] Manage File Types - F5, Inc.