Troubleshooting Tip: File upload restriction blocking application traffic 'msg File name Illegal file type' due empty name

jcastellanos · ‎11-18-2025

Description

This article describes when a FortiWeb administrator finds events in the attack logs about traffic that was either alerted or blocked by the file upload restriction due to an empty name.

Scope

FortiWeb v7.4.x.

Solution

In the attack log section, the administrator finds logs with 'File name [N/A]: Illegal file type'.

1-attack log.png

For more in-depth troubleshooting, the administrator can run debugging commands related to file uploads.

diagnose debug flow filter module-detail file-mime 7
diagnose debug flow filter module-detail file-security 7
diagnose debug flow filter module-detail file-parse 7
diagnose debug flow trace start
diagnose debug timestamp enable
diagnose debug enable

The administrator will identify patterns about empty file names associated with blocked traffic.

Content-Disposition: form-data; name="archs[]"; filename=""
Content-Type: application/octet-stream

To fix the issue, upgrade FortiWeb to version 7.4.6 and above.

Go to Web Protection -> Input Validation -> Web Security.

In the File Security Rule, move 'Empty File Name' from the 'Special File' category to 'Allowed File Types'.

Note:
Open a TAC ticket if the issue remains after adding 'Empty File Name' to 'Allowed File Types'.

Related documents:

Technical Tip: How to create a ticket for Fortinet TAC

Limiting file uploads

Troubleshooting Tip: File upload restriction blocking application traffic 'msg File name Illegal file type' due empty name

You are leaving our website