How to block exe-File - uploads with extension unlike exe

Question

It seems that ASM allows the upload of executables whose extension was changed from .exe to something different. If the extension is .exe, the request gets blocked as expected.&nbsp;
Configuration:
The the parameter was explicit declared as FileUplod - Type with the option enabled 'Disallow File Upload of Executables'. Furthermore the corresponding Learning and Blocking Setting: 'Disallowed file upload content detected' was also set to Learn / Alarm / Block. &nbsp;

stan_piron · Answer

ASM doesn't detect file type upload. it can only detect extension.&nbsp;
If you want content analysis, you can configure ASM (or LTM) to forward HTTP requests to an ICAP server (all antivirus vendors provide such solution as an add-on license).&nbsp;

Forum Discussion

How to block exe-File - uploads with extension unlike exe

1 Reply

SSO Login Update Coming to DevCentral

Kevin - June 2026 Featured F5er

Tyler - May 2026 Featured Member

Recent Discussions

ASM attack signatures not syncing between active and standby F5

Hardware BIG-IP appliance reach EOSS, but the software version running on it not yet?

VPN Communication Error with F5 BIG-IP Edge Client

simultaneous disabling / enabling of all LTM objects

Query on source IP preservation for syslog traffic through F5 virtual server

Related Content

SSL Orchestrator Service Extensions: DoH Guardian

HTTP Request Smuggling Using Chunk Extensions (CVE-2025-55315)

WAF - Allow uploads of only files with certain extensions and block all other file uploads

SSL Orchestrator Service Extensions: User Coaching

Service Extensions with SSL Orchestrator: Advanced Blocking Pages