Answer

GFI WebMonitor 2013

GFI WebMonitor will detect ActiveX as a scanned executable or package file, therefore in order to block or quarantine ActiveX you would need to perform the following:

1. Open the GFI WebMonitor Console
2. Expand WebSecurity Edition > Download Control Policies
3. Click on Edit Settings for the policy that includes the users you want to block ActiveX for
4. In the Download Control tab, locate and click on Executable
5. From the Perform this action drop down field select the required option. (Either 'Block and Quarantine' or 'Block and Delete')
6. Click on OK to go back to the 'Download Control' tab and locate and click on Cab Archives
7. From the Perform this action drop down field select the required option. (Either 'Block and Quarantine' or 'Block and Delete'
8. Click on OK and click on Save Settings
9. In order to download ActiveX components for websites that you normally access, you would need to exclude the sites from which you want to enable ActiveX, from being scanned

GFI WebMonitor 2015 and later

1. Open the GFI WebMonitor Management Console
2. Navigate to the Manage dropdown and select Policies
3. Create a new policy from the Add Policy section
4. Name the Policy in the Add Policy Name section
5. Drag the Users, Groups, IPs into the Drag elements window
6. Select the Users or groups that you would like to block active x from
7. Under the Allow, Block, Warn, Monitor Section change the dropdown to Block
8. Locate the File Types on the left hand side and drag it into your policy
9. Select Files and add Executable and Cab archives .cab
10. Click Save to save the Policy (Note: Make sure that your Policy is moved up in the policy priority list under main policy default page)

Notes:

• This functionality is available in the WebSecurity and Unified Protection editions
• To exclude sites from being scanned, add the site URL to the 'Whitelist' section of the GFI WebMonitor console. By default '*.macromedia.com' is included by default, since the site contains flash activeX plug-ins