OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: itn on August 25, 2017, 03:08:45 pm

Title: Deny file uploading
Post by: itn on August 25, 2017, 03:08:45 pm
Hi everyone. 
How can i deny access to file uploading over web-browser?
In looking for answer i  found this:
acl fileupload req_mime_type -i multipart/form-data
http_access deny fileupload

I pasted to squid.conf  but nothing changed.
Title: Re: Deny file uploading
Post by: fabian on August 25, 2017, 06:51:27 pm
pasting is not enough, you have to reload the configuration and if you have not added this change correctly, your configuration will get overwritten.
Title: Re: Deny file uploading
Post by: itn on August 30, 2017, 01:47:14 pm
Thnx. I reloaded the configuration and my pasting stayed in squid.conf but nothing changed again.
You have other idea what could be wrong? And what squid.conf i have to edit?
/usr/local/opnsense/service/templates/OPNsense/Proxy/squid.conf
/usr/local/etc/squid/squid.conf
Title: Re: Deny file uploading
Post by: franco on August 30, 2017, 02:06:26 pm
The template is more permanent and you can reload via GUI and check the actual squid.conf contents... But still overwritten by any firmware upgrade unless we add a GUI input for this to store it permanently.

There are also plugin directories for persistent files. A forum search should reveal them.


Cheers,
Franco