Hackers often try to hack websites by uploading malicious files like web shells. Such attach methods, if successful give hackers access to complete sever. With Astra, you can control what file size, type and extension is allowed to be uploaded on your website. Various options available around this feature of Astra are explained below:
- File Upload Scanning Status: Enable/disable file upload scanning by checking the button
- Allowed Extensions: Simply type in the extensions you want to be ‘allowed’ to be uploaded in your website forms
- Blocked Extensions: These are the extensions you want to be blocked from being uploaded. By default the following extensions are already in the blocked list:
- 386
- acc*
- acm,act*
- apk,app
- ash*
- asm*
- asx*
- ax
- bat
- bin
- ccc
- cgi
- cmd
- com*
- cpl
- cpp
- csh
- dll
- drv
- elf
- exe
- fxp
- gad*
- hta*
- htp*
- ico
- inf
- ins
- inx
- ipa
- isu
- job
- js
- jse
- ksh
- lnk
- msc
- msi
- msp
- mst
- net
- ocx
- ops
- org
- osx
- out
- paf
- php*
- pif
- pl
- prg
- ps1
- reg
- rgs
- rs
- run
- scr*
- sct
- shb
- shs
- sql*
- sys
- u3p
- url
- vb
- vbe
- vbs*
- wor*
- ws
- wsf
- xsl