Blocking Executable .cmd Files

Issue

There is a rule in place on the firewall to block executable files including.cmd files. Users are trying to browse to http://appswales.alito.co.uk. Within this site is a link to news but the page is blocked as the URL has .cmd within the string. See below…

http://appswales.alito.co.uk/pages/public/front.cmd?target=news

The firewall is seeing this as a file rather than a web page and as such the site is blocked. http://appswales.alito.co.uk/pages/public/front.cmd?target=news - Works
http://appswales.alito.co.uk/pages/public/front.cmd - Not working
http://appswales.alito.co.uk/pages/public/front.cmd? - Works

The .cmd file used on the website is downloaded when accessed which is why the file gets blocked by the file blocking profile.

Resolution:

The .cmd extension to files is used to mark a windows script executable, which is basically a text file containing lines of shell commands, so the file blocking profile will only check for the extension (an .exe can be identified by it's mime type etc.). The use of this extension in a URL (rather then .htm, .xml etc) is therefore not recommended.

owner:  tpiens