ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Preventing the .COM file extension from being downloaded prevents certain web pages from loading


Article ID: 168152


Updated On:


ProxySG Software - SGOS


You want to prevent users from downloading/accessing certain program file types (.EXE, .COM, .VBS) so you create a policy to exclude these file types. However, this can prevent web page URLs that end with '.com' from loading, e.g.;


When checking for a particular file extension the ProxySG will look for URLs that end with ‘.com’ . It will then assume that this is an executable file and block it. To ensure that the proxy will not block a valid web page you need to check if the returned object has a MIME type of ‘text/html’ – if so, then you know that it is a web page and can therefore allow it.
To do this:

1. In the VPM Web Access Layer, create a rule that checks the file extension. This rule will ALLOW this traffic.

User-added image

2. Create a ‘Combined Destination’ Object called ‘DotCom_but_web_page’.

User-added image

3. Within the combined object, create and add a ‘Request URL’ object called ‘’ that checks if the URL ends with ‘.com’.

User-added image

4. Within the combined object, create and add a ‘HTTP MIME Type’ object called ‘HTTPMIMEType-text-html’ that checks if the MIME type is ‘text/html’.

User-added image

5. Select the action to DENY this rule. Apply the policy and test.
Now, if you navigate to a URL that ends with ‘.com’ the proxy will check to see if it is an actual web page. If it is, it will be allowed. If it is not, it will be blocked by any subsequent file extension checking rule.