search cancel

Block file uploads with content filtering policy


Article ID: 174578


Updated On:


Cloud Secure Web Gateway - Cloud SWG


Create a policy rule that allows access to file sharing sites downloads while blocking uploads.


Web Security Service 


Web Security Service (WSS) has actions for web applications (Dropbox, Google Drive, etc.) that allow you to create policy based on the actions: upload files, download files, etc. Keep in mind that SSL interception may be required, and you must not have a rule blocking the File Storage/Sharing category as it will deny the access to it before the user can reach to download anything. Detailed instructions on how to do so can be found here: Create Custom WSS Content Control Rules

However, for most web applications, there is not a way to block file uploads via actions. One instance where file uploads could be blocked is if the site had a URL that all uploads were directed through. This URL should be found in the file sharing site's documentation. That URL could then be added into your policy.

WSS cannot apply a policy to different HTTP methods including GET and POST. However, on-premise ProxySG devices do have this capability; an example of this can be found here.