Last Updated: February 25, 2016
· pleone

IIS access deny to specific file extension

Create web.config file and write this code inside:

<?xml version="1.0" encoding="UTF-8"?>
                <fileExtensions applyToWebDAV="false">
                     <add fileExtension=".csv" allowed="false" />

This will deny access to any csv file.
Put the web.config file in the web root if you want to block all csv, or in a subfolder if you want to block request just for that folder.

You can add more filter if you need to block more extension.

1 Response
Add your response

How to deny access to a single file? I've tried the code bellow but it didn'd work:

<?xml version="1.0" encoding="UTF-8"?>
<clear />
<add value="index.asp" />
<add value="default.shtml" />
<add value="default.html" />
<add value="index.shtml" />
<add value="index.html" />
<add value="index.htm" />
<add value="Default.asp" />
<add value="Default.htm" />
<location path="\\wwwparceiro\mydir\test.asp">
<allow roles="admin"/>
<deny users="*"/>

over 1 year ago ·