WAF - Allow uploads of only files with certain extensions and block all other file uploads

Hi tub91 , 
Just to add somthing : 
> let all learnt filetypes as it is , and do not delete them even if they are in a wildcard form or even specific filetypes for your application , this is for the stability of your application at all and this restriction should be applied on parameter level. 

> Another point : 
you should define 2 parameter in this ASM policy , Parameter with data type "file upload" and the other with "Alpha Numeric ". 
Let me explain more : 
you should have a parameter_1 needs to upload file on it’s like a container and this parameter should use (Data type = File upload) , and the other parameter should be triggered when you click "Button upload" let we call it Parameter_2 and you should define this parameter as ( an Alpha Numeric Data type ) With the Regular expression (ReGex) that I sent in the last reply. 

Please check the below snap shots from my Lab : 

- you can see " choose file Button " which defined as " filename " parameter in F5 ASM learning suggestions , and "select the image you want to uplaod" which defined as "userfile" Parameter in F5 Learning suggestion. 
In " Filename " I should create it as ( type = user input value parameter , Data type = Alpha numeric , and add the Regex that I send before in last reply ) . 

In "userfile" I should create it ( type = user input value , Data type = File upload ) 

> I hope this helps you.