Are file extensions such as “.php”, “.js”, “.css”, and “.html” required for both Symantec Management Platform and Site Server in IIS? How about "Request Filtering"?
The IIS extensions currently implemented during a default installation of our product are required in order for the Symantec Management Platform to run. This is based on the application and all of the solution characteristics we provide. If these are deviated from we cannot guarantee results or that the solution will install or function.
As Vendor, our recommendation is to accept the file extensions as listed to ensure compatibility of our application.
In regards "Request Filtering":
maxQueryString with a value of “2048”
Verb requiring GET, POST, and HEAD.
For certain cases, we recommended increasing "MaxQueryString".
For verbs filtering, we intentionally deny most of the methods at Altiris virtual directory level. For certain services (like Deployment Solution) we require additional verbs for WebDav. POST and GET are used widely across lots of our pages for general navigation and management of settings. HEAD is used at least to report Agent Health. Additional verbs for WebDav mentioned below are used to manage DS image upload to web server.