GFI WebMonitor will detect renamed executable file extensions and other renamed file types. During the web traffic scanning process GFI WebMonitor analyzes the first set of bytes downloaded in order to determine the real file-type of the downloaded content. GFI WebMonitor uses this technique to detect all the file types listed in the configuration.
The file types list can be viewed at:
- GFI WebMonitor 2015 or later: Open the GFI WebMonitor - Management Console > Manage > Policies > AV scanning - download Policy (The AV scanning -Download is a default policy) > Edit > File Type > File Types > Select the + for additional file types
Note: In GFI WebMonitor 2015 the policy options will allow you to block by Category, Files, and Custom File types. The AV Scanning - Download is a Default policy.