Hello All,
We have a use case where we need to restrict Appian users who have access to Appian Designer from uploading certain file type extensions, such as executable files. We've tried to restrict this by adding extensions to block in the Admin Console, but that only restricts uploads on Sites and Portals, not in Designer.
Note: We need to apply the restrictions to the create new document file upload component and the import application file upload component.
Any suggestions will be appreciated.
I am not sure if you can apply restrictions on creating a document object. AFAIK we cannot.
The Upload File settings on Admin console will be applied only on the file upload component.
Ref: File Upload - Admin console/System
Yeah, the Admin console is only restricting for the fileUpload component. One thing we've tried was to add a fileMatch in the httpd.conf file on the webserver, but that didn't work out for us.
I believe the best practice would be to limit designer access to users who know what they're doing, and who won't upload files of a type that isn't allowed by project development best practices. You can enforce that by good project management oversight (daily if needed, I guess).
For what it's worth, though, simply uploading an EXE file to the Appian environment has *extremely little* potential danger in and of itself - even a compromised file (afaik) would need to be downloaded and run by some other user for it to ever have any effect.
What do you want to achieve with this? Or, what do you want to prevent?
One of the Appian groups in our application is part of the designer group, which means they will be able to access Appian Designer (Support group). So we want to make sure that no one can upload any harmful file (.exe, for example) using Designer. We have added the necessary restrictions for our sites in the Admin console, but we also need a similar restriction on Designer as well.
Is this on a PROD environment? In an older blog post, I discuss a way to allow secure access to PROD for a support team.
https://appian.rocks/2023/09/20/support-processes-on-appian/