Prevent Uploading Files With Harmful Extensions

Starting v4.2, administrators can deny certain file extensions from getting uploaded. You can even configure SynaMan to upload files but rename them to *.txt so they become harmless.

Steps

• Log in as admin
• Click Configuration and select the Security tab
• Select a desired action from the following available options:
  

  No Action	SynaMan will allow any file to get uploaded
  Rename To TXT	Potentially harmful file extensions will get renamed to .TXT
  Deny Upload	Harmful file extensions will be not be allowed via file upload

Modifying Extensions

Click the link right below the actions to configure the list of harmful extensions. See the image below.

Whitelisted vs Blacklisted Extensions

By default, file extensions are blacklisted. For example, if you specify *.exe in this list, SynaMan will not allow this file extension. In certain cases you may want to flip this logic. In other words, only allow certain extensions from getting uploaded.

To achieve this, add the following line in server.properties file.

treatHarmulExtAsWhitelist=true

Rember to restart SynaMan after modifying server.properties file.