How to configure specific MIME types for a Web CID in IIS 7.0/8.0

  • N°Id de l'article : 61560
  • Mis à jour : 24 janv. 2014

This article describes how to configure MIME Types for a WebCID (central installation directory) using Windows Server 2008 and IIS (Internet Information Services) 7.0 and 8.0.

Note: If you need to configure MIME types on Windows 2000 or Windows 2003, and IIS version 6, refer to the relevant section in the knowledgebase article Sophos Anti-Virus for Windows: How to create a web CID

Only files with extensions registered in the IIS 7.0/8.0 MIME type list will be served. All extensions must be listed, along with an accepted Content-type. (".txt" and "text/plain" for example). You will receive an HTTP Error 403.3 - Not Found error if the file extension is not allowed.

This is best practice, as all unknown extensions will be blocked by default, and you must explicitly whitelist an extension in order to allow access. (Please see http://learn.iis.net/ for more information).

Known to apply to the following Sophos product(s) and version(s)

Sophos Endpoint Security and Control 9.7
Sophos Endpoint Security and Control 10.0

What To Do

You can either use the list provided here, or generate your own list by running a visual basic script on a Windows computer with security permission to read files in your update location.

Once you have configured IIS, it is recommended you perform a number of update tests as detailed here.

How to generate a list of MIME Types using a VBScript

Note: This script will not work for SAV for Linux/Unix CIDs.

  1. Download GetMimeTypes.vbs.txt and rename the file to GetMimeTypes.vbs
  2. Run GetMimeTypes.vbs
  3. At the input box, paste in or type a path to a package update folder (CID) or the parent CIDS directory (This can be a UNC path also).

    Example: C:\ProgramData\Sophos\Update Manager\Update Manager\CIDs

    Note:
    The script will scan all sub-directories, if you use the CIDS directory, it will list all extensions in all packages found below. You can specify one package by changing the end of the path to the following CIDs\S000\SAVSCFXP, substituting S000 and SAVSCFXP as required.

  4. A text file called MIMETypeList.txt will be created in the same directory as the script, this will contain all the discovered file extensions.

    Note: Within the ESCOSX folder are a number of sub-folders that show a file like extension, the script will add these extensions also (These folders appear as files on an OSX computer).

How to configure MIME Types in Internet Information Services (IIS) Manager

  1. Open Internet Information Services (IIS) Manager. (To do this click Start|Administrative Tools|Internet Information Services (IIS) Manager.)
  2. Select the Sophos WebCID website you have created. Under the 'Features View' area in the IIS section, double-click on 'MIME Types'. A list of the default accepted MIME Types will appear.
  3. On the Actions pane, click 'Add... '
  4. For the File name extension: field, enter the file extension needed. For example .ide
  5. In the 'MIME type' field, type the Content-type. For example application/sophos-x
  6. Click OK. Your registered MIME type will be displayed.
  7. Repeat this process for all of the file extensions required. (Any file extensions present in your WebCID but not showing in the 'MIME Types' list must be added.)
  8. Close Internet Information Services when finished.

MIME Type List

Note: This list is subject to change.

CID Name
SAVSCFXP (Version 10) ESOSX (Version 8) savlinux
.bdl
.cab
.cat
.cfg
.chm
.conf
.crl
.crt
.css
.dat
.dll
.exe
.ide
.inf
.ini
.manifest
.msi
.mst
.pem
.policy
.ppi
.sys
.tlb
.txt
.upd
.url
.vdb
.xml
.xslt
.zip
.
.bom
.bundle
.conf
.configuration
.crl
.crt
.dat
.gz
.ide
.lproj
.mpkg
.nib
.pem
.pkg
.plist
.png
.rtf
.rtfd
.strings
.tif
.tiff
.txt
.upd
.vdb
.xml
See 38238.

If updating problems occur, see 64787 for troubleshooting information.

Update testing

After configuring the necessary MIME types within IIS it is recommended that you check that a test client can successfully update from the web server. If there are problems you suspect are related to files not being delivered it is recommended you test downloading the files from the web server using a browser.  

You may need to cross reference the log files of AutoUpdate and the IIS web server logs to establish the file or files that cannot be downloaded.

Troubleshooting

You can test the download of individual files from an internet browser by enabling Directory browsing, details are available here.

 
Si vous avez besoin de plus d'informations ou d'instructions, veuillez contacter le support technique.

Évaluez cet article

Très mauvais Excellent

Commentaires