https://community.appian.com/discussions/f/administration/34894/restrict-file-extensions-on-appian-designerHello All, We have a use case where we need to restrict Appian users that have access to Appian designer to not to upload a certain file type extensions like executable files for example. We&#39;ve tried to restrict by adding extensions to block on adminen-USTelligent Community 12https://community.appian.com/thread/134778?ContentTypeID=1Mon, 06 May 2024 17:43:02 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:571719e6-667a-4067-bd51-ab31f9789f5dStefan Helzle<p>Is this on a PROD environment? In an older blog post, I discuss a way to allow secure access to PROD for a support team.</p> <p><a id="" href="https://appian.rocks/2023/09/20/support-processes-on-appian/">https://appian.rocks/2023/09/20/support-processes-on-appian/</a></p><div style="clear:both;"></div>https://community.appian.com/thread/134776?ContentTypeID=1Mon, 06 May 2024 17:27:06 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:77204e59-5131-4e2f-bfb5-b0c9bdf150e6yashwanthr0001<p>One of the Appian group in our application is part of designer group which means they will be able to access Appian designer (Support group). So we want to make sure that no one can upload any harmful file(.exe for example)&nbsp;using designer. We have added necessary restrictions for our sites by adding on admin console but we also needed to have a similar restriction on designer as well.</p><div style="clear:both;"></div>https://community.appian.com/thread/134775?ContentTypeID=1Mon, 06 May 2024 17:18:38 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:22c4ad63-7b7a-405c-8c25-ca0f2556d06aStefan Helzle<p>What do you want to achieve with this? Or, what do you want to prevent?</p><div style="clear:both;"></div>https://community.appian.com/thread/134772?ContentTypeID=1Mon, 06 May 2024 15:11:33 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:0041c72e-552a-4324-93e9-579b40e2425fMike Schmitt<p>I believe the best practice would be to limit designer access to users who know what they&#39;re doing, and who won&#39;t upload files of a type that aren&#39;t allowed by project development best practices.&nbsp; You can enforce that by good project management oversight (daily if needed, i guess).</p> <p>For what it&#39;s worth, though, simply uploading an EXE file to the appian environment has *extremely little* potential danger in and of itself - even a compromised file (afaik) would need to be downloaded and run by some other user for it to ever have any effect.</p><div style="clear:both;"></div>https://community.appian.com/thread/134771?ContentTypeID=1Mon, 06 May 2024 15:05:39 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:7a7699d4-8b3d-45d2-a285-839a274f0867yashwanthr0001<p>Yeah, Admin console is only restricting for fileUpload component. One thing we&#39;ve tried was to add a fileMatch in httpd.conf file on webserver but that didn&#39;t worked out for us.</p><div style="clear:both;"></div>https://community.appian.com/thread/134770?ContentTypeID=1Mon, 06 May 2024 14:52:28 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:4516ba79-683e-4650-925c-ff9c238d7c61Konduru Chaitanya<p>I am not sure if you can apply restrictions on creating a document object. AFAIK we cannot.</p> <p></p> <p>The Upload File settings on Admin console will be applied only on the file upload component.<br /><img style="max-height:240px;max-width:320px;" src="/resized-image/__size/640x480/__key/communityserver-discussions-components-files/12/pastedimage1715007379417v1.png" alt=" " /></p> <p>Ref: <a href="https://docs.appian.com/suite/help/24.1/Appian_Administration_Console.html#file-upload">File Upload - Admin console/System</a></p><div style="clear:both;"></div>