Blocking the Upload of Malicious Files

To configure the server to block the upload of files according to the file names, set the following parameters in director.properties.

Parameter Name Type Default Value

Parameter Name	Type	Default Value
`upload.check.names`	Boolean	True. If it is set to false, no checks are done.
`upload.valid.names`	Text	A comma or separated list of valid file names.
`upload.invalid.names`	Text	A comma or separated list of invalid file names.

upload.check.names

Boolean

True.

If it is set to false, no checks are done.

upload.valid.names

Text

A comma or separated list of valid file names.

upload.invalid.names

Text

A comma or separated list of invalid file names.

Note:

Each name in this list is either a suffix (such as .pdf) or a regex prefixed with ~. If a regex is used it is matched against the full name of the file.
A file name is rejected if:
- upload.valid.names is specified and the file name does not match any of the items in the list.
- upload.invalid.names is specified and the name matches any of the items in the list.
All checks are not case sensitive.